Switch 7700 Configuration Guide

User Logon ACL Control Configuration
At the first level, the user connection is controlled with an ACL filter, and only
legitimate users can connect to the switch. At the second level, a connected user
can log on to the device only after passing password authentication.
This chapter describes how to configure the first level of security control, which
filters logon users with an ACL. For information about how to configure the first
level security, refer to “System Access”.
Configure ACL Control over the TELNET User
Configuring ACL control over TELNET users filters malicious and illegal
connection requests before password authentication takes place, which helps
secure the device.
The steps to control TELNET users with an ACL are described in the following
sections:
Define ACL
Call ACL to Control TELNET Users
Define ACL
The ACL control function can call only a numbered basic ACL, in the range
1 to 99.
Perform the following configuration in system view.
While defining an ACL, you can configure several rules for it by using the rule
command repeatedly.
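
The following is an added example, not part of the original guide or of any 3Com tool: a small Python checker that parses rules written in the basic ACL rule syntax of Table 18 and reports which rule a given TELNET source address would hit, so that an ACL can be reviewed before it is called. It assumes rules are evaluated in the order entered (match-order config), that wildcard bits set to 1 are ignored, and that a rule without a source clause matches every address; the sample rules and addresses are constructed.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def parse_rule(line):
    """Parse 'rule [id] {permit|deny} [source addr wildcard | source any]'."""
    tok = line.split()
    i = 1
    if len(tok) > i and tok[i].isdigit():
        i += 1  # optional rule-id
    if not tok or tok[0] != "rule" or len(tok) <= i or tok[i] not in ("permit", "deny"):
        raise ValueError(f"unrecognised rule: {line!r}")
    action, rest = tok[i], tok[i + 1:]
    if not rest or rest[0] != "source" or rest[1:2] == ["any"]:
        return action, 0, MASK32  # 'any', or no source clause (assumed match-all)
    if len(rest) < 3:
        raise ValueError(f"source needs address and wildcard: {line!r}")
    addr = int(ipaddress.IPv4Address(rest[1]))
    wild = int(ipaddress.IPv4Address(rest[2]))
    return action, addr, wild

def load_acl(text):
    """Parse every non-blank line, keeping the order the rules were entered."""
    return [parse_rule(l) for l in text.splitlines() if l.strip()]

def evaluate(rules, source_ip):
    """Return the first matching rule's action, or None when no rule matches."""
    src = int(ipaddress.IPv4Address(source_ip))
    for action, addr, wild in rules:
        # Wildcard bits set to 1 are "don't care"; all other bits must be equal.
        if ((src ^ addr) & ~wild & MASK32) == 0:
            return action
    return None

# Constructed sample: a management subnet is permitted ahead of a wider deny.
SAMPLE_ACL = """
rule 0 permit source 10.1.1.0 0.0.0.255
rule 1 deny source 10.1.0.0 0.0.255.255
rule 2 permit source 192.168.5.7 0.0.0.0
"""

if __name__ == "__main__":
    acl = load_acl(SAMPLE_ACL)
    for ip in ("10.1.1.25", "10.1.2.25", "192.168.5.7", "192.168.5.8"):
        print(ip, "->", evaluate(acl, ip) or "no rule matched")
```

An address that matches no rule returns None because this page does not state how the switch treats unmatched TELNET sources; end the ACL with an explicit rule if the outcome matters.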
Call ACL to Control TELNET Users
To control TELNET users with an ACL, call the defined ACL in user-interface
view.
Use the following command to call an ACL.
Perform the following configuration in the designated view.
Table 18 Define Basic ACL

Operation                                            Command
Enter basic ACL view (from system view)              acl { number acl-number | name acl-name basic ip } [ match-order { config | auto } ]
Add a sub-item to the ACL (from basic ACL view)      rule [ rule-id ] { permit | deny } [ source source-addr source-wildcard | any ] [ fragment ] [ time-range name ]
Delete a sub-item from the ACL (from basic ACL view) undo rule rule-id [ source ] [ fragment ] [ time-range ]
Delete one ACL or all the ACL (from system view)     undo acl { number acl-number | name acl-name | all }

Table 19 Call ACL to Control TELNET Users

Operation                                            Command
Enter user-interface view (from system view)         user-interface [ type ] first-number [ last-number ]