Network diagram, Configuration procedure, Prerequisites – H3C Technologies H3C S5120 Series Switches User Manual

7-4

Network diagram

Figure 7-1 Network diagram for controlling Telnet users using ACLs

Switch

10.110.100.46

Host A

IP network

Host B

10.110.100.52

Configuration procedure

# Define a basic ACL.

<Sysname> system-view

[Sysname] acl number 2000 match-order config

[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0

[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0

[Sysname-acl-basic-2000] rule 3 deny source any

[Sysname-acl-basic-2000] quit

# Apply the ACL.

[Sysname] user-interface vty 0 4

[Sysname-ui-vty0-4] acl 2000 inbound

Controlling Network Management Users by Source IP Addresses

You can manage a H3C S5120-SI series Ethernet switch through network management software.

Network management users can access switches through SNMP.

You need to perform the following two operations to control network management users by source IP

addresses.

z

Defining an ACL

z

Applying the ACL to control users accessing the switch through SNMP

Prerequisites

The controlling policy against network management users is determined, including the source IP

addresses to be controlled and the controlling actions (permitting or denying).

Controlling Network Management Users by Source IP Addresses

Follow these steps to control network management users by source IP addresses:

To do…

Use the command…

Remarks

Enter system view

system-view

—