Configuration procedure, Configuration preparation, Configuring source ip-based login control over nms – H3C Technologies H3C S7500E Series Switches User Manual

5-4

Figure 5-1 Network diagram for configuring source MAC-based login control

Configuration procedure

# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to

permit packets sourced from Host A.

<Sysname> system-view

[Sysname] acl number 2000 match-order config

[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0

[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0

[Sysname-acl-basic-2000] quit

# Reference ACL 2000 in user interface view to allow telnet users from Host A and Host B to access

the Device.

[Sysname] user-interface vty 0 15

[Sysname-ui-vty0-15] acl 2000 inbound

Configuring Source IP-Based Login Control over NMS Users

You can log in to the NMS to remotely manage the devices. SNMP is used for communication between

the NMS and the agent that resides in the device. By using the ACL, you can control SNMP user

access to the device.

Configuration Preparation

Before configuration, determine the permitted or denied source IP addresses.

Configuring Source IP-Based Login Control over NMS Users

Because basic ACLs match the source IP addresses of packets, you can use basic ACLs to implement

source IP-based login control over NMS users. Basic ACLs are numbered from 2000 to 2999. For

more information about ACL, see ACL Configuration in the ACL and QoS Configuration Guide.

Follow these steps to configure source IP-based login control over NMS users:

To do…

Use the command…

Remarks

Enter system view

system-view

—