8-3
Controlling Telnet Users by Source MAC Addresses
This configuration needs to be implemented by Layer 2 ACL; a Layer 2 ACL ranges from 4000 to 4999.
For the definition of ACL, refer to
ACL Configuration
in the
Security Volume
.
Follow these steps to control Telnet users by source MAC addresses:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a basic ACL or enter
basic ACL view
acl
number
acl-number
[
match-order
{
config
|
auto
} ]
As for the
acl number
command, the
config
keyword
is specified by default.
Define rules for the ACL
rule
[
rule-id
] {
permit
|
deny
}
rule-string
Required
You can define rules as needed
to filter by specific source MAC
addresses.
Quit to system view
quit
—
Enter user interface view
user-interface
[
type
]
first-number
[
last-number
]
—
Apply the ACL to control Telnet
users by source MAC
addresses
acl
acl-number inbound
Required
The
inbound
keyword
specifies to filter the users
trying to Telnet to the current
switch.
Layer 2 ACL is invalid for this function if the source IP address of the Telnet client and the interface IP
address of the Telnet server are not in the same subnet.
Configuration Example
Network requirements
Only the Telnet users sourced from the IP address of 10.110.100.52 and 10.110.100.46 are permitted to
log in to the switch.
Summary of Contents for S7902E
Page 82: ...1 4 DeviceA interface tunnel 1 DeviceA Tunnel1 service loopback group 1 ...
Page 200: ...1 11 DeviceB display vlan dynamic No dynamic vlans exist ...
Page 598: ...ii ...
Page 1757: ...4 9 ...
Page 1770: ...6 4 ...
Page 2017: ...2 11 Figure 2 3 SFTP client interface ...
Page 2238: ...1 16 DeviceA cfd linktrace service instance 1 mep 1001 target mep 4002 ...