R3721-F3210-F3171-HP High-End Firewalls Getting Started Guide-6PW101
Step | Command | Remarks
4. Exit the advanced ACL view. | quit | N/A
5. Enter user interface view. | user-interface [ type ] first-number [ last-number ] | N/A
6. Use the ACL to control user login by source MAC address. | acl acl-number inbound | inbound: Filters incoming Telnet packets.
NOTE:
The configuration does not take effect if the Telnet client and server are not in the same subnet.
Source MAC-based Telnet login control configuration example
Network requirements
As shown in Figure 57, configure an ACL on Firewall to permit only incoming Telnet packets sourced from
Host A and Host B.
Figure 57 Network diagram
Configuration procedure
# Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to
permit packets sourced from Host A.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] quit
# Reference ACL 2000 in user interface view to allow Telnet users from Host A and Host B to access
Firewall.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
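An added example, not taken from the HP guide: a Python check that reads a saved configuration and reports VTY user interfaces that have no inbound ACL, reference an undefined ACL, or use an ACL permitting more than a single host. The sample text is constructed from the commands above plus one unprotected VTY range, and the check assumes the saved configuration lists commands as they were typed.

```python
import re

# Constructed sample: the commands from the example above, plus a second VTY
# range left without an ACL to show the failure case. Assumption: the saved
# configuration lists commands as typed, one per line.
SAMPLE = """\
acl number 2000 match-order config
 rule 1 permit source 10.110.100.52 0
 rule 2 permit source 10.110.100.46 0
user-interface vty 0 4
 acl 2000 inbound
user-interface vty 5 9
"""

RULE = re.compile(r"rule \d+ (permit|deny) source (\S+)(?: (\S+))?")

def audit_vty_acls(config):
    """Return (permitted, findings): permitted sources per VTY range, and gaps."""
    acls, vtys, ctx = {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"acl number (\d+)", line):
            ctx = ("acl", m.group(1))
            acls[m.group(1)] = []
        elif m := re.match(r"user-interface vty (\d+)(?: (\d+))?$", line):
            ctx = ("vty", f"vty {m.group(1)}-{m.group(2) or m.group(1)}")
            vtys[ctx[1]] = None
        elif ctx and ctx[0] == "acl" and (m := RULE.match(line)):
            acls[ctx[1]].append((m.group(1), m.group(2), m.group(3) or ""))
        elif ctx and ctx[0] == "vty" and (m := re.match(r"acl (\d+) inbound", line)):
            vtys[ctx[1]] = m.group(1)
    permitted, findings = {}, []
    for vty, acl in vtys.items():
        if acl is None:
            findings.append(f"{vty}: no inbound ACL, login is not filtered by source")
        elif acl not in acls:
            findings.append(f"{vty}: references undefined ACL {acl}")
        else:
            permitted[vty] = [src for act, src, _ in acls[acl] if act == "permit"]
            for act, src, wc in acls[acl]:
                # Wildcard 0 (as on the page) or 0.0.0.0 matches exactly one host.
                if act == "permit" and (src == "any" or wc not in ("0", "0.0.0.0")):
                    findings.append(f"{vty}: ACL {acl} permits more than one host: {src} {wc}".rstrip())
    return permitted, findings

if __name__ == "__main__":
    print(audit_vty_acls(SAMPLE))
```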
Configuring source IP-based SNMP login control
You can log in to the NMS to remotely manage the devices. SNMP is used for communication between
the NMS and the agent that resides in the device. By using the ACL, you can control SNMP user access
to the device.
[Figure 57 diagram labels: IP network; Firewall; Host B 10.110.100.52; Host A 10.110.100.46]