Configuring a local user at the cli, Controlling user logins, Configuring telnet login control – H3C Technologies H3C SecPath F1000-E User Manual
Page 98: Configuring source ip-based telnet login control
90
Configuring a local user at the CLI
For more information, see Access Control Configuration Guide.
Controlling user logins
User login control configuration is only available at the CLI.
The device provides the following login control methods:
Login Through
Login control methods
ACL used
Telnet
Configuring source IP-based Telnet login control
Basic ACL
Configuring source and destination IP-based Telnet
login control
Advanced ACL
Configuring source MAC-based Telnet login control
Ethernet frame header ACL
NMS
Configuring source IP-based SNMP login control
Basic ACL
Web
Configuring source IP-based Web login control
Basic ACL
Configuring Telnet login control
Before configuration, determine the permitted or denied source IP addresses, source MAC addresses,
and destination IP addresses.
Configuring source IP-based Telnet login control
Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source
IP-based login control over Telnet users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see Access Control Configuration Guide.
To configure source IP-based Telnet login control:
Step Command
Remarks
1.
Enter system view.
system-view N/A
2.
Create a basic ACL and enter
its view, or enter the view of
an existing basic ACL.
acl [ ipv6 ] number acl-number
[ name acl-name ] [ match-order
{ config | auto } ]
By default, no basic ACL exists.
3.
Configure rules for this ACL.
rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard
| any } | time-range time-name |
fragment | logging ]*
N/A
4.
Exit the basic ACL view.
quit
N/A
5.
Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A