Controlling User Logins; Controlling Telnet Logins; Configuring Source Ip-Based Telnet Login Control; Configuring Source/Destination Ip-Based Telnet Login Control - HP 6125G Configuration Manual

Controlling user logins

To harden device security, use ACLs to prevent unauthorized logins. For more information about ACLs,
see ACL and QoS Configuration Guide.

Controlling Telnet logins

Use a basic ACL (2000 to 2999) to filter Telnet traffic by source IP address. Use an advanced ACL (3000
to 3999) to filter Telnet traffic by source and/or destination IP address. Use an Ethernet frame header
ACL (4000 to 4999) to filter Telnet traffic by source MAC address.
To access the device, a Telnet user must match a permit statement in the ACL applied to the user interface.

Configuring source IP-based Telnet login control

Step
1. Enter system view.
2. Create a basic ACL and
enter its view, or enter the
view of an existing basic
ACL.
3. Configure an ACL rule.
4. Exit the basic ACL view.
5. Enter user interface view.
6. Use the ACL to control user
logins by source IP address.

Configuring source/destination IP-based Telnet login control

Step
1. Enter system view.
2. Create an advanced ACL and
enter its view, or enter the
view of an existing advanced
ACL.
3. Configure an ACL rule.
Command
system-view
acl [ ipv6 ] number acl-number
[ match-order { config | auto } ]
rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard |
any } | time-range time-name |
fragment | logging ]*
quit
user-interface [ type ] first-number
[ last-number ]
acl [ ipv6 ] acl-number { inbound |
outbound }
Command
system-view
acl [ ipv6 ] number acl-number
[ match-order { config | auto } ]
rule [ rule-id ] { permit | deny }
rule-string
65
Remarks
N/A
By default, no basic ACL exists.
By default, a basic ACL does not
contain any rule.
N/A
N/A
•
inbound: Filters incoming
packets.
•
outbound: Filters outgoing
packets.
Remarks
N/A
By default, no advanced ACL
exists.
N/A