HP VPN Firewall Appliances Getting Started Command Reference

103

User management commands

acl (user interface view)

Use acl to reference ACLs to control access to the VTY user interface.

Use undo acl to cancel the ACL application.

Syntax

To use a basic or advanced ACL:

acl [ ipv6 ] acl-number { inbound | outbound }

undo acl [ ipv6 ] acl-number { inbound | outbound }

To use an Ethernet frame header ACL:

acl acl-number inbound

undo acl acl-number inbound

Default

Access to the VTY user interface is not restricted.

Views

VTY user interface view

Default command level

2: System level

Parameters

ipv6: When this keyword is present, the command supports IPv6; otherwise, it supports IPv4.

acl-number: Specifies the number of the ACL:

• Basic ACL—2000 to 2999.

• Advanced ACL—3000 to 3999.

• Ethernet frame header ACL—4000 to 4999.

inbound: Restricts Telnet or SSH connections established in the inbound direction through the VTY user

interface. If the received packets for establishing a Telnet or SSH connection are permitted by an ACL rule,

the connection is allowed to be established. When the device functions as a Telnet server or SSH server,

use this keyword to control access of Telnet clients or SSH clients.

outbound: Restricts Telnet connections established in the outbound direction through the VTY user

interface. If the packets sent for establishing a Telnet connection are permitted by an ACL rule, the

connection is allowed to be established. When the device is operating as a Telnet client, use this keyword

to define Telnet servers accessible to the client.

Usage guidelines

If no ACL is referenced in VTY user interface view, the VTY user interface has no access control over

establishing a Telnet or SSH connection.