Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Getting Started Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
919293949596979899100
91
Ste
p
Command
Remarks
5. Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A
6. Use the ACL to control user
login by source IP address.
acl [ ipv6 ] acl-number { inbound |
outbound }
inbound: Filters incoming Telnet
packets.
outbound: Filters outgoing Telnet
packets.
Configuring source and destination IP-based Telnet login control
Advanced ACLs can match both source and destination IP addresses of packets, so you can use
advanced ACLs to implement source and destination IP-based login control over Telnet users. Advanced
ACLs are numbered from 3000 to 3999. For more information about ACL, see Access Control
Configuration Guide.
To configure source and destination IP-based Telnet login control:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create an advanced ACL and
enter its view, or enter the
view of an existing advanced
ACL.
acl [ ipv6 ] number acl-number
[ name acl-name ] [ match-order
{ config | auto } ]
By default, no advanced ACL
exists.
3. Configure rules for the ACL.
rule [ rule-id ] { permit | deny }
rule-string
N/A
4. Exit advanced ACL view.
quit N/A
5. Enter user interface.
user-interface [ type ] first-number
[ last-number ]
N/A
6. Use the ACL to control user
login by source and
destination IP addresses.
acl [ ipv6 ] acl-number { inbound |
outbound }
inbound: Filters incoming Telnet
packets.
outbound: Filters outgoing Telnet
packets.
Configuring source MAC-based Telnet login control
Ethernet frame header ACLs can match the source MAC addresses of packets, so you can use Ethernet
frame header ACLs to implement source MAC-based login control over Telnet users. Ethernet frame
header ACLs are numbered from 4000 to 4999. For more information about ACL, see Access Control
Configuration Guide.
To configure source MAC-based Telnet login control:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create an Ethernet frame
header ACL and enter its
view.
acl number acl-number [ name
acl-name ] [ match-order { config |
auto } ]
By default, no Ethernet frame
header ACL exists.
3. Configure rules for the ACL.
rule [ rule-id ] { permit | deny }
rule-string
N/A