Operation Manual – Login
H3C S3610&S5510 Series Ethernet Switches
Chapter 8 Controlling Login Users
8-2
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a basic ACL or
enter basic ACL view
acl
[
ipv6
]
number
acl-number
[
match-order
{
config
|
auto
} ]
As for the
acl number
command, the
config
keyword is specified by
default.
Define rules for the ACL
rule
[
rule-id
] {
permit
|
deny
} [
source
{
sour-addr sour-wildcard
|
any
} |
time-range
time-name
|
fragment
|
logging
]*
Required
Quit to system view
quit
—
Enter user interface view
user-interface
[
type
]
first-number
[
last-number
]
—
Apply the ACL to control
Telnet users by source IP
addresses
acl
[
ipv6
]
acl-number
{
inbound
|
outbound
}
Required
The
inbound
keyword
specifies to filter the users
trying to Telnet to the
current switch.
The
outbound
keyword
specifies to filter users
trying to Telnet to other
switches from the current
switch.
8.2.3 Controlling Telnet Users by Source and Destination IP Addresses
Controlling Telnet users by source and destination IP addresses is achieved by
applying advanced ACLs, which are numbered from 3000 to 3999. Refer to the ACL
module for information about defining an ACL.
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create an advanced ACL
or enter advanced ACL
view
acl
[
ipv6
]
number
acl-number
[
match-order
{
config
|
auto
} ]
As for the
acl number
command, the
config
keyword is specified by
default.
Define rules for the ACL
rule
[
rule-id
] {
permit
|
deny
}
rule-string
Required
You can define rules as
needed to filter by specific
source and destination IP
addresses.