Step
3.
Configure an ACL rule.
4.
Exit the basic ACL view.
5.
Enter user interface view.
6.
Use the ACL to control user
logins by source IP address.
Configuring source/destination IP-based Telnet login control
Step
1.
Enter system view.
2.
Create an advanced ACL and
enter its view, or enter the
view of an existing advanced
ACL.
3.
Configure an ACL rule.
4.
Exit advanced ACL view.
5.
Enter user interface view.
6.
Apply the ACL to the user
interfaces.
Configuring source MAC-based Telnet login control
Ethernet frame header ACLs apply to Telnet traffic only if the Telnet client and server are located in the
same subnet.
To configure source MAC-based Telnet login control:
Step
1.
Enter system view.
2.
Create an Ethernet frame
header ACL and enter its
view.
Command
rule [ rule-id ] { deny | permit } [ counting
| fragment | logging | source { sour-addr
sour-wildcard | any } | time-range
time-range-name ] *
quit
user-interface { first-num1 [ last-num1 ] |
{ aux | console | vty } first-num2
[ last-num2 ] }
acl [ ipv6 ] acl-number { inbound |
outbound }
Command
system-view
acl [ ipv6 ] number acl-number
[ match-order { config | auto } ]
rule [ rule-id ] { permit | deny }
rule-string
quit
user-interface { first-num1
[ last-num1 ] | { aux | console |
vty } first-num2 [ last-num2 ] }
acl [ ipv6 ] acl-number { inbound |
outbound }
Command
system-view
acl number acl-number
[ match-order { config | auto } ]
54
Remarks
By default, a basic ACL
does not contain any rule.
N/A
N/A
•
inbound: Filters
incoming packets.
•
outbound: Filters
outgoing packets.
Remarks
N/A
By default, no advanced ACL
exists.
N/A
N/A
N/A
•
inbound: Filters incoming Telnet
packets.
•
outbound: Filters outgoing
Telnet packets.
Remarks
N/A
By default, no Ethernet frame
header ACL exists.