Source Mac-Based Login Control Configuration Example - H3C SR6600 Fundamentals Configuration Manual

To do...
Enter system view
Create an advanced ACL and
enter its view, or enter the view of
an existing advanced ACL
Configure rules for the ACL
Exit the advanced ACL view
Enter user interface view
Use the ACL to control user login
by source MAC address
The above configuration does not take effect if the telnet client and server are not in the same
subnet.

Source MAC-Based Login Control Configuration Example

Network requirements
As shown in Figure
sourced from Host A and Host B.
Figure 5-1 Network diagram for configuring source MAC-based login control
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule
2 to permit packets sourced from Host A.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
Use the command...
system-view
acl number acl-number
[ match-order { config | auto } ]
rule [ rule-id ] { permit | deny }
rule-string
quit
user-interface [ type ]
first-number [ last-number ]
acl acl-number inbound
5-1, configure an ACL on the Device to permit only incoming telnet packets
3-83
Remarks
—
Required
By default, no advanced ACL
exists.
Required
—
—
Required
inbound: Filters incoming telnet
packets.