Chapter 3 Logon User Acl Control Configuration; Overview; Configure Acl Control Over The Telnet User; Define Acl - Huawei Quidway S5000 Series Operation Manual

Operation Manual - QoS/ACL
Quidway S5000 Series Ethernet Switches

Chapter 3 Logon User ACL Control Configuration

3.1 Overview

As the Ethernet switches launched by Huawei Technologies are used more and more
widely over the networks, the security issue becomes even more important. The
switches provide several logon and device accessing measures, mainly including
TELNET access, SNMP access, and HTTP access. The security control over the
access measures is provided with the switches to prevent illegal users from logging on
to and accessing the devices. There are two levels of security controls. At the first level,
the user connection is controlled with ACL filter and only the legal users can be
connected to the switch. At the second level, a connected user can log on to the device
only if he can pass the password authentication.
This chapter mainly introduces how to configure the first level security control over
these access measures, that is, how to configure to filter the logon users with ACL. For
detailed description about how to configure the first level security, refer to "getting
started" module of Operation Manual.

3.2 Configure ACL Control over the TELNET User

Configuring ACL control over the TELNET users can help filter the malicious and illegal
connection requests before the password authentication and ensure the device
security.
Take the following steps to configure the ACL control over the TELNET users:
1) Define ACLs
2) Call ACLs to control the TELNET user
The follow section introduces the configuration procedures.

3.2.1 Define ACL

You can only call the numbered basic ACL, ranging from 2000 and 2999, to implement
ACL control function.
You can use the following command to configure the basic ACL.
Perform the following configuration in system view.
Chapter 3 Logon User ACL Control Configuration
3-1