Controlling telnet users by source mac addresses, Configuration example, Network requirements – H3C Technologies H3C S5120 Series Switches User Manual

7-3

Controlling Telnet Users by Source MAC Addresses

This configuration needs to be implemented by Layer 2 ACL; a Layer 2 ACL ranges from 4000 to 4999.

For the definition of ACL, refer to ACL Configuration.

Follow these steps to control Telnet users by source MAC addresses:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Create a basic ACL or enter
basic ACL view

acl

number

acl-number

[ match-order { config |
auto } ]

As for the acl number
command, the config keyword
is specified by default.

Define rules for the ACL

rule [ rule-id ] { permit | deny }
rule-string

Required

You can define rules as needed
to filter by specific source MAC
addresses.

Quit to system view

quit

—

Enter user interface view

user-interface

[ type ]

first-number [ last-number ]

—

Apply the ACL to control Telnet
users by source MAC
addresses

acl acl-number inbound

Required

The

inbound keyword

specifies to filter the users
trying to Telnet to the current
switch.

Layer 2 ACL is invalid for this function if the source IP address of the Telnet client and the interface IP

address of the Telnet server are not in the same subnet.

Configuration Example

Network requirements

Only the Telnet users sourced from the IP address of 10.110.100.52 and 10.110.100.46 are permitted to

log in to the switch.