Telnet login control configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecBlade LB Cards User Manual
Page 98: Configuring source ip-based snmp login control
88
Telnet login control configuration example
Network requirements
Configure the LB product in
to permit only incoming Telnet packets sourced from Host A and
Host B.
Figure 52 Network diagram
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to
permit packets sourced from Host A.
<LB> system-view
[LB] acl number 2000 match-order config
[LB-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[LB-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[LB-acl-basic-2000] quit
# Reference ACL 2000 on user interfaces VTY 0 through VTY 4 so only Host A and Host B can Telnet to
LB.
[LB] user-interface vty 0 4
[LB-ui-vty0-4] acl 2000 inbound
Configuring source IP-based SNMP login control
Use a basic ACL (2000 to 2999) to control SNMP logins by source IP address. To access the requested
MIB view, an NMS must use a source IP address permitted by the ACL.
Configuration procedure
To configure source IP-based SNMP login control:
Step Command
Remarks
1.
Enter system view.
system-view N/A
Host B
10.110.100.52
LB
IP network
Host A
10.110.100.46