Configuring a local user at the cli, Controlling user logins, Configuring telnet login control – H3C Technologies H3C SecPath F1000-E User Manual

Page 98: Configuring source ip-based telnet login control

Configuring a local user at the CLI

For more information, see Access Control Configuration Guide.

Controlling user logins

User login control configuration is only available at the CLI.
The device provides the following login control methods:

ACL used

Telnet

Basic ACL

Advanced ACL

Ethernet frame header ACL

NMS

Basic ACL

Web

Basic ACL

Configuring Telnet login control

Before configuration, determine the permitted or denied source IP addresses, source MAC addresses,
and destination IP addresses.

Configuring source IP-based Telnet login control

Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source

IP-based login control over Telnet users. Basic ACLs are numbered from 2000 to 2999. For more

information about ACL, see Access Control Configuration Guide.
To configure source IP-based Telnet login control:

Step Command

Remarks

Enter system view.

system-view N/A

Create a basic ACL and enter
its view, or enter the view of

an existing basic ACL.

acl [ ipv6 ] number acl-number
[ name acl-name ] [ match-order

{ config | auto } ]

By default, no basic ACL exists.

Configure rules for this ACL.

rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard

| any } | time-range time-name |
fragment | logging ]*

N/A

Exit the basic ACL view.

quit

N/A

Enter user interface view.

user-interface [ type ] first-number
[ last-number ]

N/A

This manual is related to the following products: