13
Login management commands
In R1808P12 and later versions, the device supports the FIPS mode that complies with NIST FIPS 140-2
requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS
mode. For more information about FIPS mode, see
Security Configuration Guide
.
Telnet and HTTP are not supported in FIPS mode.
Unless otherwise stated, devices in the configuration examples of this chapter are operating in non-FIPS
mode.
acl (user interface view)
Use
acl
to reference ACLs to control access to the VTY user interface.
Use
undo acl
to cancel the ACL application.
Syntax
To use a basic or advanced ACL:
acl
[
ipv6
]
acl-number
{
inbound
|
outbound
}
undo acl
[
ipv6
]
acl-number
{
inbound
|
outbound
}
To use an Ethernet frame header ACL:
acl
acl-number
inbound
undo acl
acl-number
inbound
Default
Access to the VTY user interface is not restricted.
Views
VTY user interface view
Default command level
2: System level
Parameters
ipv6
: If this keyword is present, the command supports IPv6. Otherwise, it supports IPv4.
acl-number
: Specifies the number of the ACL:
•
Basic ACL
—2000 to 2999
•
Advanced ACL
—3000 to 3999
•
Ethernet frame header ACL
—4000 to 4999
inbound
: Restricts Telnet or SSH connections established in the inbound direction through the VTY user
interface. If the received packets for establishing a Telnet or SSH connection are permitted by an ACL rule,
the connection is allowed to be established. When the device functions as a Telnet server or SSH server,
use this keyword to control access of Telnet clients or SSH clients.
outbound
: Restricts Telnet connections established in the outbound direction through the VTY user
interface. If the packets sent for establishing a Telnet connection are permitted by an ACL rule, the
