3Com 5500-SI Configuration Manual page 368

368 C 19: ACL C
HAPTER ONFIGURATION
Controlling Telnet using Source MAC
This configuration can be implemented by means of Layer 2 ACL, which ranges from
4000 to 4999. For the definition of ACL, refer to ACL part.
Table 390 Control Telnet using Source MAC
Configuration
Procedure
Enter system view
Create or enter Layer
2 ACL view
Define the subset
principle
Exit ACL view
Enter user interface
view
Reference an ACL,
and control Telnet
using source MAC
Configuration Example
Network requirements
Only Telnet users from 10.110.100.52 and 10.110.100.46 can access the switch.
Network diagram
Figure 92 Perform ACL control over Telnet users of the switch
Configuration Procedure
1 Define the basic ACL.
[S5500] acl number 2000 match-order config
[S5500-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[S5500-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[S5500-acl-basic-2000] rule 3 deny source any
[S5500-acl-basic-2000] quit
2 Reference an ACL.
[S5500] user-interface vty 0 4
[S5500-ui-vty0-4] acl 2000 inbound
Command
system-view
acl number acl-number
rule [ rule-id ] { permit | deny } [
[ type protocol-type type-mask |
lsap lsap-type type-mask ] |
format-type | cos cos | source {
source-vlan-id | source-mac-addr
source-mac-mask }* | dest {
dest-mac-addr dest-mac-mask } |
time-range name ]*
quit
user-interface [ type ]
first-number [ last-number ]
acl acl-number { inbound |
outbound }
Internet
Switch
Description
—
—
Required.
Users can configure the filtering rules
for the related source MAC based on
actual requirements.
—
—
Required.
inbound: Perform ACL control over
users Telnetting to the local switch.
outbound: Performs ACL control over
users Telnetting to other switches from
the local switch.