User login control, User login control overview, Configuring login control over telnet users – H3C Technologies H3C SecBlade NetStream Cards User Manual
Page 65: Configuration preparation
50
User login control
This chapter includes these sections:
•
•
Configuring login control over telnet users
•
Configuring source IP-based login control over NMS users
User login control overview
The SecBlade card provides the following login control methods.
Login Through Login control methods
ACL used
Telnet
Configuring source IP-based login control over telnet users
Basic ACL
Configuring source and destination IP-based login control
over telnet users
Advanced ACL
Configuring source MAC-based login control over telnet
users
Ethernet frame header ACL
NMS
Configuring source IP-based login control over NMS users
Basic ACL
Configuring login control over telnet users
Configuration preparation
Before configuration, determine the permitted or denied source IP addresses, source MAC addresses,
and destination IP addresses.
Configuring source IP-based login control over telnet users
Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source
IP-based login control over telnet users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see the NetStream Configuration Guide.
Follow these steps to configure source IP-based login control over telnet users:
To do…
Use the command…
Remarks
Enter system view
system-view —
Create a basic ACL and enter its
view, or enter the view of an
existing basic ACL
acl number acl-number
[ match-order { config | auto } ]
Required
By default, no basic ACL exists.
Configure rules for this ACL
rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard
| any } | time-range time-name |
fragment | logging ]*
Required