beautypg.com

Configuration preparation – H3C Technologies H3C SecBlade NetStream Cards User Manual

Page 68

background image

53

# Reference ACL 2000 in user interface view to allow telnet users from Host A and Host B to access the

SecBlade card.

[SecBlade] user-interface vty 0 4
[SecBlade-ui-vty0-4] acl 2000 inbound

Configuring source IP-based login control over
NMS users

You can log in to the NMS to remotely manage the SecBlade cards. SNMP is used for communication

between the NMS and the agent that resides in the SecBlade card. By using the ACL, you can control

SNMP user access to the SecBlade card.

Configuration preparation

Before configuration, determine the permitted or denied source IP addresses.

Configuring source IP-based login control over NMS users

Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source

IP-based login control over NMS users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see the NetStream Configuration Guide.
Follow these steps to configure source IP-based login control over NMS users:

To do…

Use the command…

Remarks

Enter system view

system-view —

Create a basic ACL and enter
its view, or enter the view of
an existing basic ACL

acl number acl-number [ match-order
{ config | auto } ]

Required
By default, no basic ACL
exists.

Create rules for this ACL

rule [ rule-id ] { permit | deny } [ source
{ sour-addr sour-wildcard | any } |

time-range time-name | fragment |

logging ]*

Required

Exit the basic ACL view

quit

Associate this SNMP
community with the ACL

snmp-agent community { read | write }
community-name [ acl acl-number |

mib-view view-name ]*

Required
You can associate the ACL
when creating the

community, the SNMP group,

and the user.
For more information about

SNMP, see the System
Management and

Maintenance Configuration

Guide.

Associate the SNMP group
with the ACL

snmp-agent group { v1 | v2c } group-name
[ read-view read-view ] [ write-view
write-view ] [ notify-view notify-view ] [ acl

acl-number ]
snmp-agent group v3 group-name

[ authentication | privacy ] [ read-view
read-view ] [ write-view write-view ]

[ notify-view notify-view ] [ acl acl-number ]

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: