Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

Page 100

Step Command

Remarks

Enter user interface view.

user-interface [ type ] first-number
[ last-number ]

N/A

Use the ACL to control user
login by source MAC

address.

acl acl-number inbound

inbound: Filters incoming Telnet
packets.

NOTE:

The configuration does not take effect if the Telnet client and server are not in the same subnet.

Source MAC-based Telnet login control configuration example

Network requirements

As shown in

Figure 57

, configure an ACL on SecPath to permit only incoming Telnet packets sourced from

Host A and Host B.

Figure 57 Network diagram

Configuration procedure

# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to

permit packets sourced from Host A.

system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] quit

# Reference ACL 2000 in user interface view to allow Telnet users from Host A and Host B to access
SecPath .

[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS