Configuration Example; Controlling Network Management Users By Source Ip Addresses - H3C S5100-SI Operation Manual
Ethernet switches
Hide thumbs
Also See for H3C S5100-SI:
- Operation manual (934 pages) ,
- Installation manual (104 pages) ,
- Quick start manual (78 pages)
Table of Contents
Advertisement
To do...
Apply an
ACL to
control
Telnet users
by ACL
Configuration Example
Network requirements
Only the Telnet users sourced from the IP address of 10.110.100.52 are permitted to access the
switch.
Network diagram
10.110.100.46
Host A
IP network
Host B
10.110.100.52
Figure 9-1 Network diagram for controlling Telnet users using ACLs
Configuration procedure
# Define a basic ACL.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] quit
# Apply the ACL.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
Controlling Network Management Users by Source IP Addresses
You can manage an S5100-SI/EI Ethernet switch through network management software.
Network management users can access switches through SNMP.
You need to perform the following two operations to control network management users by source
IP addresses.
Use the command...
Apply a
basic or
advanced
acl acl-number { inbound |
ACL to
outbound }
control
Telnet users
Apply a
Layer 2 ACL
acl acl-number inbound
to control
Telnet users
Switch
Required
Use either command
The inbound keyword specifies to
filter the users trying to Telnet to
the current switch.
The outbound keyword specifies
to filter users trying to Telnet to
other switches from the current
switch.
9-3
Remarks
Advertisement
Chapters
Table of Contents
Troubleshooting
