Configuration example, Network requirements, Network diagram – H3C Technologies H3C S3100 Series Switches User Manual

7-3

Table 7-4 Control Telnet users by source MAC addresses

Operation

Command

Description

Enter system view

system-view

—

Create or enter Layer 2
ACL view

acl number acl-number —

Define rules for the ACL

rule [ rule-id ] { deny | permit }
[ rule-string ]

Required

You can define rules as needed to filter
by specific source MAC addresses.

Quit to system view

quit

—

Enter user interface view

user-interface [ type ] first-number
[ last-number ]

—

Apply the ACL to control
Telnet users by specified
source MAC addresses

acl acl-number inbound

Required

By default, no ACL is applied for Telnet
users.

Configuration Example

Network requirements

Only the Telnet users sourced from the IP address of 10.110.100.52 are permitted to access the switch.

Network diagram

Figure 7-1 Network diagram for controlling Telnet users using ACLs

Switch

10.110.100.46

Host A

IP network

Host B

10.110.100.52

Configuration procedure

# Define a basic ACL.

<Sysname> system-view

[Sysname] acl number 2000

[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0

[Sysname-acl-basic-2000] quit

# Apply the ACL.

[Sysname] user-interface vty 0 4

[Sysname-ui-vty0-4] acl 2000 inbound