7
Introduction
Controlling Telnet
Users
Prerequisites
Controlling Telnet Users
by Source IP Addresses
C
ONTROLLING
A switch provides ways to control different types of login users, as listed in Table 24.
Table 24 Ways to control different types of login users
Login mode Control method
Telnet
By source IP addresses
By source and
destination IP addresses
SNMP
By source IP addresses
WEB
By source IP addresses
Disconnect Web users by
force
The controlling policy against Telnet users is determined, including the source and
destination IP addresses to be controlled and the controlling actions (permitting or
denying).
Controlling Telnet users by source IP addresses is achieved by applying basic ACLs,
which are numbered from 2000 to 2999.
Table 25 Control Telnet users by source IP addresses
Operation
Command
Enter system view
system-view
Create a basic ACL or
acl number acl-number [
enter basic ACL view
match-order { config | auto } ]
Define rules for the
rule [ rule-id ] { permit | deny } [
ACL
source { sour-addr sour-wildcard
| any } ] [ time-range
time-name ] [ fragment ]
Quit to system view
quit
Enter user interface
user-interface [ type ]
view
first-number [ last-number ]
Apply the ACL to
acl acl-number { inbound |
control Telnet users by
outbound }
source IP addresses
L
U
OGIN
SERS
Implementation
Through basic ACLs
Through advanced
ACLs
Through basic ACLs
Through basic ACLs
By executing
commands in CLI
Description
As for the acl number command,
the config keyword is specified by
default.
Required
Required
The inbound keyword specifies to
filter the users trying to Telnet to
the current switch.
The outbound keyword specifies
to filter users trying to Telnet to
other switches from the current
switch.
Related section
Controlling Telnet Users by
Source IP Addresses
Controlling Telnet Users by
Source and Destination IP
Addresses
Controlling Network
Management Users by Source IP
Addresses
Controlling Web Users by
Source IP Address.
Disconnecting a Web User by
Force.