6 controlling login users, Introduction, Controlling telnet users – H3C Technologies H3C WX6000 Series Access Controllers User Manual

6-1

6

Controlling Login Users

To control login users, go to these sections for information you are interested in:

z

Introduction

z

Controlling Telnet Users

z

Controlling Network Management Users by Source IP Addresses

Introduction

An access controller provides ways to control different types of login users, as listed in

Table 6-1

.

Table 6-1

Ways to control different types of login users

Login mode

Control method

Implementation

Related section

By source IP
addresses

Through basic ACLs

Controlling Telnet Users by Source
IP Addresses

By source and
destination IP
addresses

Through advanced
ACLs

Controlling Telnet Users by Source
and Destination IP Addresses

Telnet

By source MAC
addresses

Through Layer 2 ACLs

Controlling Telnet Users by Source
MAC Addresses

SNMP

By source IP
addresses

Through basic ACLs

Controlling Network Management
Users by Source IP Addresses

Controlling Telnet Users

Prerequisites

The controlling policy against Telnet users is determined, including the source and destination IP
addresses to be controlled and the controlling actions (permitting or denying).

Controlling Telnet Users by Source IP Addresses

Controlling Telnet users by source IP addresses is achieved by applying basic ACLs, which are
numbered from 2000 to 2999. Refer to ACL in H3C WX6103 Access Controller Switch Interface Board

Configuration Guide

for information about defining an ACL.

To do…

Use the command…

Remarks

Enter system view

system-view

—

Create a basic ACL or
enter basic ACL view

acl

[ ipv6 ] number acl-number

[ match-order { config | auto } ]

As for the acl number command,
the config keyword is specified by
default.

Define rules for the ACL

rule

[ rule-id ] { permit | deny } [ source

{ sour-addr sour-wildcard | any } |
time-range

time-name | fragment |

logging

]*

Required