Ssh Server Ipv6 Acl - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
[Sysname] ssh server enable
Related commands
display ssh server
ssh server ipv6 acl
Use ssh server ipv6 acl to specify an ACL to control IPv6 SSH connections to the server.
Use undo ssh server ipv6 acl to restore the default.
Syntax
ssh server ipv6 acl { ipv6 basic-acl-number | ipv6 advanced-acl-number | mac mac-acl-number }
undo ssh server ipv6 acl
Default
No ACLs are specified and all IPv6 SSH clients can initiate SSH connections to the server.
Views
System view
Predefined user roles
network-admin
Parameters
ipv6 basic-acl-number: Specifies an IPv6 basic ACL number in the range of 2000 to 2999.
ipv6 advanced-acl-number: Specifies an IPv6 advanced ACL number in the range of 3000 to 3999.
mac mac-acl-number: Specifies a Layer 2 ACL by its number in the range of 4000 to 4999.
Usage guidelines
The specified ACL filters IPv6 SSH clients' connection requests. Only the IPv6 SSH clients that the
ACL permits can initiate SSH connections to the device.
All IPv6 SSH clients can initiate SSH connections to the device when any one of the following
conditions exists:
•
You do not specify an ACL.
•
The specified ACL does not exist.
•
The specified ACL does not have rules.
The ACL takes effect only on SSH connections that are initiated after the ACL configuration.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure ACL 2001 and permit only the users on the subnet 1::1/64 to initiate SSH connections to
the server.
<Sysname> system-view
[Sysname] acl ipv6 basic 2001
[Sysname-acl6-ipv6-basic-2001] rule permit source 1::1 64
[Sysname-acl6-ipv6-basic-2001] quit
[Sysname] ssh server ipv6 acl ipv6 2001
Related commands
display ssh server
609
Advertisement
