3Com Switch 4200G Configuration Guide
7
CONTROLLING LOGIN USERS
Introduction A switch provides ways to control different types of login users, as listed in Table 24.
Controlling Telnet
Users
Prerequisites The controlling policy against Telnet users is determined, including the source and
destination IP addresses to be controlled and the controlling actions (permitting or
denying).
Controlling Telnet Users
by Source IP Addresses
Controlling Telnet users by source IP addresses is achieved by applying basic ACLs,
which are numbered from 2000 to 2999.
Table 24 Ways to control different types of login users
Login mode Control method Implementation Related section
Telnet By source IP addresses Through basic ACLs Controlling Telnet Users by
Source IP Addresses
By source and
destination IP addresses
Through advanced
ACLs
Controlling Telnet Users by
Source and Destination IP
Addresses
SNMP By source IP addresses Through basic ACLs Controlling Network
Management Users by Source IP
Addresses
WEB By source IP addresses Through basic ACLs Controlling Web Users by
Source IP Address.
Disconnect Web users by
force
By executing
commands in CLI
Disconnecting a Web User by
Force.
Table 25 Control Telnet users by source IP addresses
Operation Command Description
Enter system view system-view
Create a basic ACL or
enter basic ACL view
acl number acl-number [
match-order { config | auto }]
As for the acl number command,
the config keyword is specified by
default.
Define rules for the
ACL
rule [ rule-id ] { permit | deny } [
source { sour-addr sour-wildcard
| any }] [ time-range
time-name ] [ fragment ]
Required
Quit to system view quit
Enter user interface
view
user-interface [ type ]
first-number [ last-number ]
Apply the ACL to
control Telnet users by
source IP addresses
acl acl-number { inbound |
outbound }
Required
The inbound keyword specifies to
filter the users trying to Telnet to
the current switch.
The outbound keyword specifies
to filter users trying to Telnet to
other switches from the current
switch.