Controlling Network Management Users By Source Ip Addresses; Prerequisites - Huawei Quidway S3100 Series Operation Manual

Operation Manual – Login
Quidway S3100 Series Ethernet Switches
[Quidway] acl number 2000 match-order config
[Quidway-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Quidway-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Quidway-acl-basic-2000] rule 3 deny source any
[Quidway-acl-basic-2000] quit
# Apply the ACL.
[Quidway] user-interface vty 0 4
[Quidway-ui-vty0-4] acl 2000 inbound
7.3 Controlling Network Management Users by Source IP
Addresses
You can manage a Quidway series Ethernet switch through network management
software. Network management users can access switches through SNMP.
You need to perform the following two operations to control network management users
by source IP addresses.
Defining an ACL
Applying the ACL to control users accessing the switch through SNMP

7.3.1 Prerequisites

The controlling policy against network management users is determined, including the
source IP addresses to be controlled and the controlling actions (permitting or denying).

7.3.2 Controlling Network Management Users by Source IP Addresses

Controlling network management users by source IP addresses is achieved by
applying basic ACLs, which are numbered from 2000 to 2999.
Table 7-4 Control network management users by source IP addresses
Operation
Enter system view
Create
ACL or enter basic
ACL view
Define rules for the
ACL
Quit
view
system-view
a basic
acl
[ match-order { config | auto } ]
rule [ rule-id ] { permit | deny }
[ source
sour-wildcard
[ time-range
[ fragment ]
to system
quit
Huawei Technologies Proprietary
Command
number acl-number
{ sour-addr
| any }
time-name
7-4
Chapter 7 Controlling Login Users
Description
—
As for the acl number
command, the
keyword is specified by
default.
] Required
]
—
config