Step...
2.
Create
header ACL and enter its view
3.
Configure rules for the ACL
4.
Exit the advanced ACL view
5.
Enter user interface view
6.
Use the ACL to control user
login by source MAC address
Source MAC-based login control configuration example
Network requirements
As shown in
from Host A and Host B.
Figure 24 Network diagram for configuring source MAC-based login control
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to
permit packets sourced from Host A.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] quit
# Reference ACL 2000 in user interface view to allow Telnet users from Host A and Host B to access the
Device.
[Sysname] user-interface vty 0 15
[Sysname-ui-vty0-15] acl 2000 inbound
Command...
an
Ethernet
frame
acl number acl-number [ match-
order { config | auto } ]
rule [ rule-id ] { permit | deny }
rule-string
quit
user-interface [ type ] first-number
[ last-number ]
acl acl-number inbound
Figure
24, configure an ACL on the Device to permit only incoming Telnet packets sourced
Remarks
Required.
By default, no Ethernet frame
header ACL exists.
Required.
—
—
Required.
inbound: Filters incoming Telnet
packets.
65