5 configuration example, I. network requirements, Ii. network diagram – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – Login

H3C S3100-52P Ethernet Switch

Chapter 8 User Control

8-4

Operation

Command

Description

Define rules for the

ACL

rule

[ rule-id ] { permit |

deny

} [ [ type protocol-type

type-mask | lsap lsap-type
type-mask

] | format-type |

cos

cos

| source

{

source-vlan-id

|

source-mac-addr

source-mac-mask

}* | dest

{

dest-mac-addr

dest-mac-mask

} |

time-range

name ]*

Required
You can define rules as

needed to filter by specific

source MAC addresses.

Quit to system view quit

—

Enter user

interface view

user-interface

[ type ]

first-number

[ last-number ]

—

Apply the ACL to

control Telnet

users by specified

source MAC

addresses

acl

acl-number { inbound |

outbound

}

Required
The

inbound

keyword

specifies to filter the users

trying to Telnet to the current

switch.
The outbound keyword

specifies to filter users trying

to Telnet to other switches

from the current switch.

8.2.5 Configuration Example

I. Network requirements

Only the Telnet users sourced from the IP address of 10.110.100.52 and 10.110.100.46
are permitted to log into the switch.

II. Network diagram

Internet

Internet

Sw itch

Sw itch

s

Figure 8-1

Network diagram for controlling Telnet users using ACL