Figure 32 Network diagram
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to
permit packets sourced from Host A.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] quit
# Reference ACL 2000 in user interface view to allow Telnet users from Host A and Host B to access the
Device.
[Sysname] user-interface vty 0 7
[Sysname-ui-vty0-7] acl 2000 inbound
Configuring source IP-based SNMP login control
Use a basic ACL (2000 to 2999) to control SNMP logins by source IP address. To access the requested
MIB view, an NMS must use a source IP address permitted by the ACL.
Configuration procedure
To configure source IP-based SNMP login control:
Step
1.
Enter system view.
2.
Create a basic ACL and
enter its view, or enter the
view of an existing basic
ACL.
3.
Create an ACL rule.
4.
Exit the basic ACL view.
Command
system-view
acl [ ipv6 ] number acl-number [ name name ]
[ match-order { config | auto } ]
rule [ rule-id ] { permit | deny } [ source
{ sour-addr sour-wildcard | any } |
time-range time-name | fragment |
logging ]*
quit
67
Remarks
N/A
By default, no basic ACL
exists.
N/A
N/A