Configuring source mac-based telnet login control – H3C Technologies H3C SecPath F1000-E User Manual

Page 99

Advertising
background image

91

Step Command

Remarks

6.

Use the ACL to control user

login by source IP address.

acl [ ipv6 ] acl-number { inbound |
outbound }

inbound: Filters incoming Telnet
packets.
outbound: Filters outgoing Telnet
packets.

Configuring source and destination IP-based Telnet login control

Advanced ACLs can match both source and destination IP addresses of packets, so you can use

advanced ACLs to implement source and destination IP-based login control over Telnet users. Advanced

ACLs are numbered from 3000 to 3999. For more information about ACL, see Access Control
Configuration Guide.
To configure source and destination IP-based Telnet login control:

Step Command

Remarks

1.

Enter system view.

system-view N/A

2.

Create an advanced ACL and

enter its view, or enter the
view of an existing advanced

ACL.

acl [ ipv6 ] number acl-number
[ name acl-name ] [ match-order

{ config | auto } ]

By default, no advanced ACL
exists.

3.

Configure rules for the ACL.

rule [ rule-id ] { permit | deny }
rule-string

N/A

4.

Exit advanced ACL view.

quit

N/A

5.

Enter user interface.

user-interface [ type ] first-number
[ last-number ]

N/A

6.

Use the ACL to control user
login by source and

destination IP addresses.

acl [ ipv6 ] acl-number { inbound |
outbound }

inbound: Filters incoming Telnet
packets.
outbound: Filters outgoing Telnet
packets.

Configuring source MAC-based Telnet login control

Ethernet frame header ACLs can match the source MAC addresses of packets, so you can use Ethernet

frame header ACLs to implement source MAC-based login control over Telnet users. Ethernet frame
header ACLs are numbered from 4000 to 4999. For more information about ACL, see Access Control

Configuration Guide.
To configure source MAC-based Telnet login control:

Step Command

Remarks

1.

Enter system view.

system-view N/A

2.

Create an Ethernet frame

header ACL and enter its
view.

acl number acl-number [ name
acl-name ] [ match-order { config |

auto } ]

By default, no Ethernet frame
header ACL exists.

3.

Configure rules for the ACL.

rule [ rule-id ] { permit | deny }
rule-string

N/A

4.

Exit the advanced ACL view.

quit

N/A

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals