Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 100
92
Step Command
Remarks
5.
Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A
6.
Use the ACL to control user
login by source MAC
address.
acl acl-number inbound
inbound: Filters incoming Telnet
packets.
NOTE:
The configuration does not take effect if the Telnet client and server are not in the same subnet.
Source MAC-based Telnet login control configuration example
Network requirements
As shown in
, configure an ACL on SecPath to permit only incoming Telnet packets sourced from
Host A and Host B.
Figure 57 Network diagram
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to
permit packets sourced from Host A.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] quit
# Reference ACL 2000 in user interface view to allow Telnet users from Host A and Host B to access
SecPath .
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound