Terminal Lines; Denying And Permitting Access To A Terminal Line - Dell S6100 Configuration Manual

Hide thumbs Also See for S6100:

Table of Contents

For a 50-Gigabit Ethernet interface, enter the keyword fiftyGigE then the stack/slot/port/subport information.

For a 100-Gigabit Ethernet interface, enter the keyword hundredGigE then the stack/slot/port information.

For a Loopback interface, enter the keyword loopback then a number from 0 to 16383.

For a port channel interface, enter the keywords port-channel then a number.

For a VLAN interface, enter the keyword vlan then a number from 1 to 4094.

CONFIGURATION mode

ip ftp source-interface interface

Configure a password.

CONFIGURATION mode

ip ftp password password

Enter a username to use on the FTP client.

CONFIGURATION mode

ip ftp username name

To view the FTP configuration, use the show running-config ftp command in EXEC privilege mode, as shown in the example for

Terminal Lines

You can access the system remotely and restrict access to the system by creating user profiles.

Terminal lines on the system provide different means of accessing the system. The console line (console) connects you through the console

port in the route processor modules (RPMs). The virtual terminal lines (VTYs) connect you through Telnet to the system. The auxiliary line

(aux) connects secondary devices such as modems.

Dell Networking recommends applying only standard access control lists (ACLs) to deny and permit access to VTY lines.

Layer 3 ACLs deny all traffic that is not explicitly permitted, but in the case of VTY lines, an ACL with no rules does not deny traffic.

You cannot use the show ip accounting access-list command to display the contents of an ACL that is applied only to a

When you use the access-class access-list-name command without specifying the ipv4 or ipv6 attribute, both IPv4 as

well as IPv6 rules that are defined in that ACL are applied to the terminal. This method is a generic way of configuring access

restrictions.

To be able to filter access exclusively using either IPv4 or IPv6 rules, use either the ipv4 or ipv6 attribute along with the access-

class access-list-name command. Depending on the attribute that you specify (ipv4 or ipv6), the ACL processes either

IPv4 or IPv6 rules, but not both. Using this configuration, you can set up two different types of access classes with each class

processing either IPv4 or IPv6 rules separately.

To apply an IP ACL to a line, Use the following command.

Apply an ACL to a VTY line.

access-class access-list-name [ipv4 | ipv6]