3Com 5500-SI Switch User Manual


 
CHAPTER 19: ACL CONFIGURATION
Controlling Telnet using Source MAC
This configuration is implemented with a Layer 2 ACL, whose number ranges from
4000 to 4999. For the definition of ACLs, refer to the ACL part.
Configuration Example
Network requirements
Only Telnet users from 10.110.100.52 and 10.110.100.46 can access the switch.
Network diagram
Figure 92 Perform ACL control over Telnet users of the switch
Configuration Procedure
1 Define the basic ACL.
[S5500] acl number 2000 match-order config
[S5500-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[S5500-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[S5500-acl-basic-2000] rule 3 deny source any
[S5500-acl-basic-2000] quit
2 Reference an ACL.
[S5500] user-interface vty 0 4
[S5500-ui-vty0-4] acl 2000 inbound
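
The Python below is an added example, not part of the 3Com manual: it parses the commands from the procedure above, reports which source addresses the ACL admits on a given VTY line, and lists VTY lines that have no inbound ACL referenced. The function names, reading the wildcard 0 as 0.0.0.0, and refusing a source that matches no rule are assumptions of the example.

```python
import ipaddress
import re

# Rules and VTY binding from the procedure above, CLI prompts stripped.
CONFIG = """\
acl number 2000 match-order config
rule 1 permit source 10.110.100.52 0
rule 2 permit source 10.110.100.46 0
rule 3 deny source any
user-interface vty 0 4
acl 2000 inbound
"""

def parse(config):
    """Return (acls, vty_acl): ordered rules per ACL, inbound ACL per VTY line."""
    acls, vty_acl, rules, vtys = {}, {}, None, range(0)
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"acl number (\d+)", line):
            rules = acls.setdefault(int(m[1]), [])
        elif m := re.match(r"rule \d+ (permit|deny) source (\S+)(?: (\S+))?", line):
            rules.append((m[1], m[2], m[3] or "0"))
        elif m := re.match(r"user-interface vty (\d+)(?: (\d+))?", line):
            vtys = range(int(m[1]), int(m[2] or m[1]) + 1)
        elif m := re.match(r"acl (\d+) inbound", line):
            vty_acl.update({n: int(m[1]) for n in vtys})
    return acls, vty_acl

def to_int(text):
    # Assumption: the wildcard "0" on the page is shorthand for 0.0.0.0.
    return int(ipaddress.IPv4Address("0.0.0.0" if text == "0" else text))

def matches(src, addr, wildcard):
    """Bits set in the wildcard are ignored, so wildcard 0 matches one host."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return addr == "any" or to_int(src) & care == to_int(addr) & care

def telnet_allowed(config, src, vty=0):
    """First matching rule in configuration order (match-order config) decides."""
    acls, vty_acl = parse(config)
    if vty not in vty_acl:
        return True  # no inbound ACL referenced: this line is not filtered
    for action, addr, wildcard in acls.get(vty_acl[vty], []):
        if matches(src, addr, wildcard):
            return action == "permit"
    return False  # assumption of this example: an unmatched source is refused

def unprotected_vtys(config, count=5):
    """VTY lines (0..count-1) that carry no inbound ACL reference."""
    return [n for n in range(count) if n not in parse(config)[1]]
```

Running `unprotected_vtys` against a saved configuration shows any VTY line left outside the `user-interface vty` range that the ACL was applied to.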
Table 390 Control Telnet using Source MAC

Configuration Procedure: Enter system view
Command: system-view

Configuration Procedure: Create or enter Layer 2 ACL view
Command: acl number acl-number

Configuration Procedure: Define the subset principle
Command: rule [ rule-id ] { permit | deny } [ [ type protocol-type type-mask | lsap lsap-type type-mask ] | format-type | cos cos | source { source-vlan-id | source-mac-addr source-mac-mask }* | dest { dest-mac-addr dest-mac-mask } | time-range name ]*
Description: Required. Users can configure the filtering rules for the related source MAC based on actual requirements.

Configuration Procedure: Exit ACL view
Command: quit

Configuration Procedure: Enter user interface view
Command: user-interface [ type ] first-number [ last-number ]

Configuration Procedure: Reference an ACL, and control Telnet using source MAC
Command: acl acl-number { inbound | outbound }
Description: Required.
inbound: Performs ACL control over users Telnetting to the local switch.
outbound: Performs ACL control over users Telnetting to other switches from the local switch.