Controlling Telnet Users By Source Mac Addresses; Configuration Example - H3C S5120-SI Series Operation Manual
Hide thumbs
Also See for S5120-SI Series:
- Command reference manual (910 pages) ,
- Configuration manual (745 pages) ,
- Installation manual (70 pages)
Table of Contents
Advertisement
Controlling Telnet Users by Source MAC Addresses
This configuration needs to be implemented by Layer 2 ACL; a Layer 2 ACL ranges from 4000 to 4999.
For the definition of ACL, refer to ACL Configuration.
Follow these steps to control Telnet users by source MAC addresses:
To do...
Enter system view
Create a basic ACL or enter
basic ACL view
Define rules for the ACL
Quit to system view
Enter user interface view
Apply the ACL to control Telnet
users
by
addresses
Layer 2 ACL is invalid for this function if the source IP address of the Telnet client and the interface IP
address of the Telnet server are not in the same subnet.
Configuration Example
Network requirements
Only the Telnet users sourced from the IP address of 10.110.100.52 and 10.110.100.46 are permitted to
log in to the switch.
Use the command...
system-view
acl
[ match-order { config |
auto } ]
rule [ rule-id ] { permit | deny }
rule-string
quit
user-interface
first-number [ last-number ]
source
MAC
acl acl-number inbound
number
acl-number
[
type
]
7-3
Remarks
—
As
for
the
acl
number
command, the config keyword
is specified by default.
Required
You can define rules as needed
to filter by specific source MAC
addresses.
—
—
Required
The
inbound
keyword
specifies to filter the users
trying to Telnet to the current
switch.
Advertisement
Chapters
Table of Contents
Troubleshooting
