Configuring source mac-based telnet login control – H3C Technologies H3C SecBlade LB Cards User Manual
Page 97
87
Configuring source/destination IP-based Telnet login control
Step Command
Remarks
1.
Enter system view.
system-view N/A
2.
Create an advanced ACL and
enter its view, or enter the
view of an existing advanced
ACL.
acl [ ipv6 ] number acl-number
[ name name ] [ match-order
{ config | auto } ]
By default, no advanced ACL
exists.
3.
Configure an ACL rule.
rule [ rule-id ] { permit | deny }
rule-string
N/A
4.
Exit advanced ACL view.
quit
N/A
5.
Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A
6.
Apply the ACL to the user
interfaces.
acl [ ipv6 ] acl-number { inbound |
outbound }
•
inbound: Filters incoming Telnet
packets.
•
outbound: Filters outgoing
Telnet packets.
Configuring source MAC-based Telnet login control
Ethernet frame header ACLs apply to Telnet traffic only if the Telnet client and server are located in the
same subnet.
To configure source MAC-based Telnet login control:
Step Command
Remarks
1.
Enter system view.
system-view N/A
2.
Create an Ethernet frame
header ACL and enter its
view.
acl number acl-number [ name
name ] [ match-order { config |
auto } ]
By default, no Ethernet frame
header ACL exists.
3.
Configure an ACL rule.
rule [ rule-id ] { permit | deny }
rule-string
N/A
4.
Exit Ethernet frame header
ACL view.
quit
N/A
5.
Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A
6.
Use the ACL to control user
logins by source MAC
address.
acl acl-number inbound
inbound: Filters incoming packets.