Configuration Example; Controlling Network Management Users By Source Ip Addresses - H3C S3610 Series Operation Manual
Hide thumbs
Also See for S3610 Series:
- Operation manual (175 pages) ,
- Quick start manual (84 pages) ,
- Command manual (54 pages)
Table of Contents
Advertisement
Operation Manual – Login
H3C S3610&S5510 Series Ethernet Switches
7.2.5 Configuration Example
I. Network requirements
Only the Telnet users sourced from the IP address of 10.110.100.52 and 10.110.100.46
are permitted to log into the switch.
II. Network diagram
Sw itch
Sw itch
Figure 7-1 Network diagram for controlling Telnet users using ACL
III. Configuration procedure
# Define a basic ACL.
<H3C> system-view
[H3C] acl number 2000 match-order config
[H3C-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[H3C-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[H3C-acl-basic-2000] rule 3 deny source any
[H3C-acl-basic-2000] quit
# Apply the ACL.
[H3C] user-interface vty 0 4
[H3C-ui-vty0-4] acl 2000 inbound
7.3 Controlling Network Management Users by Source IP
Addresses
You can manage a S3610&S5510 series Ethernet switch through network
management software. Network management users can access switches through
SNMP.
You need to perform the following two operations to control network management users
by source IP addresses.
Defining an ACL
Applying the ACL to control users accessing the switch through SNMP
Internet
Internet
Chapter 7 Controlling Login Users
7-4
s
Advertisement
Table of Contents
