beautypg.com

Controlling telnet users, Prerequisites, Controlling telnet users by source ip addresses – H3C Technologies H3C S3600 Series Switches User Manual

Page 83

background image

8-2

Controlling Telnet Users

Prerequisites

The controlling policy against Telnet users is determined, including the source IP addresses, destination

IP addresses and source MAC addresses to be controlled and the controlling actions (permitting or

denying).

Controlling Telnet Users by Source IP Addresses

Controlling Telnet users by source IP addresses is achieved by applying basic ACLs, which are

numbered from 2000 to 2999.

Follow these steps to control Telnet users by source IP addresses:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a basic ACL or
enter basic ACL view

acl number acl-number
[ match-order { auto |
config } ]

As for the acl number command, the
config keyword is specified by
default.

Define rules for the ACL

rule [ rule-id ] { deny |
permit } [ rule-string ]

Required

Quit to system view

quit

Enter user interface view

user-interface [ type ]
first-number [ last-number ]

Apply the ACL to control
Telnet users by source IP
addresses

acl acl-number { inbound |
outbound }

Required

The inbound keyword specifies to
filter the users trying to Telnet to the
current switch.

The outbound keyword specifies to
filter users trying to Telnet to other
switches from the current switch.

Controlling Telnet Users by Source and Destination IP Addresses

Controlling Telnet users by source and destination IP addresses is achieved by applying advanced

ACLs, which are numbered from 3000 to 3999.

Follow these steps to control Telnet users by source and destination IP addresses:

To do…

Use the command…

Remarks

Enter system view

system-view

Create an advanced ACL
or enter advanced ACL
view

acl number acl-number
[ match-order { auto | config } ]

As for the acl number command,
the config keyword is specified by
default.

Define rules for the ACL

rule [ rule-id ] { deny | permit }
protocol [ rule-string ]

Required

You can define rules as needed to
filter by specific source and
destination IP addresses.

Quit to system view

quit

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: