H3C WA4300 Series, Fundamentals Configuration Manual

Page: 60 / 119

33
Step Command Remarks
1. Enter system view.
system-view N/A
2. Create an advanced ACL and
enter its view, or enter the view
of an existing advanced ACL.
acl [ ipv6 ] number
acl-number
[ name
name
] [ match-order
{ config | auto } ]
By default, no advanced ACL
exists.
3. Configure an ACL rule.
rule [
rule-id
] { permit | deny }
rule-string
N/A
4. Exit advanced ACL view.
quit N/A
5. Enter user interface view.
user-interface [
type
]
first-number
[ last-number ]
N/A
6. Apply the ACL to the user
interfaces.
acl [ ipv6 ]
acl-number
{ inbound |
outbound }
•
inbound : Filters incoming
Telnet packets.
•
outbound : Filters outgoing
Telnet packets.
Configuring source MAC-based Telnet login control
Ethernet frame header ACLs apply to Telnet traffic only if the Telnet client and server are located in the
same subnet.
To configure source MAC-based Telnet login control:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Create an Ethernet frame
header ACL and enter its view.
acl number
acl-number
[ name
name ] [ match-order { config |
auto } ]
By default, no Ethernet frame
header ACL exists.
3. Configure an ACL rule.
rule [
rule-id
] { permit | deny }
rule-string
N/A
4. Exit Ethernet frame header
ACL view.
quit N/A
5. Enter user interface view.
user-interface [
type
]
first-number
[
last-number
]
N/A
6. Use the ACL to control user
logins by source MAC
address.
acl
acl-number
inbound inbound : Filters incoming packets.
Telnet login control configuration example
Network requirements
Configure the AP in Figure 14 to permit only incoming Telnet packets sourced from Host A and Host B.