R3166-R3206-HP High-End Firewalls Getting Started Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

121

122

123

124

125

126

127

128

129

130

115

To do… Use the command…

Remarks

Configure rules for this ACL

rule [ rule-id ] { permit | deny }

[ source { sour-addr sour-wildcard

| any } | time-range time-name |

fragment | logging ]*

Required

Exit the basic ACL view

quit —

Enter user interface view

user-interface [ type ] first-number

[ last-number ]

—

Use the ACL to control user login

by source IP address

acl [ ipv6 ] acl-number { inbound |

outbound }

Required

inbound: Filters incoming Telnet

packets.

outbound: Filters outgoing Telnet

packets.

Configuring source and destination IP-based login control over Telnet users

Advanced ACLs can match both source and destination IP addresses of packets. You can use advanced

ACLs to implement source and destination IP-based login control over Telnet users. Advanced ACLs are

numbered from 3000 to 3999.

Follow these steps to configure source and destination IP-based login control over Telnet users:

To do… Use the command…

Remarks

Enter system view system-view —

Create an advanced ACL and

enter its view, or enter the view of

an existing advanced ACL

acl [ ipv6 ] number acl-number

[ match-order { config | auto } ]

Required

By default, no advanced ACL

exists.

Configure rules for the ACL

rule [ rule-id ] { permit | deny }

rule-string

Required

Exit advanced ACL view quit —

Enter user interface

user-interface [ type ] first-number

[ last-number ]

—

Use the ACL to control user login

by source and destination IP

addresses

acl [ ipv6 ] acl-number { inbound |

outbound }

Required

inbound: Filters incoming Telnet

packets.

outbound: Filters outgoing Telnet

packets.

Configuring source MAC-based login control over Telnet users

Ethernet frame header ACLs can match the source MAC addresses of packets, so you can use Ethernet

frame header ACLs to implement source MAC-based login control over Telnet users. Ethernet frame

header ACLs are numbered from 4000 to 4999.

Follow these steps to configure source MAC-based login control over Telnet users:

To do… Use the command…

Remarks

Enter system view system-view —