7-3
Controlling Telnet Users by Source MAC Addresses Controlling Telnet users by source MAC addresses is achieved by applying Layer 2 ACLs, which are
numbered from 4000 to 4999.
Follow these steps to control Telnet users by source MAC addresses:
To do… Use the command… Remarks
Enter system view system-view —
Create or enter Layer 2 ACL
view acl number acl-number —
Define rules for the ACL rule [ rule-id ] { deny |
permit } [ rule-string ]
Required
You can define rules as needed to
filter by specific source MAC
addresses.
Quit to system view quit —
Enter user interface view user-interface [ type ]
first-number [ last-number ] —
Apply the ACL to control
Telnet users by specified
source MAC addresses acl acl-number inbound Required
By default, no ACL is applied for
Telnet users.
Network requirements
As shown in Figure 7-1, only the Telnet users sourced from the IP address of 10.110.100.52 are
permitted to access the switching engine.
Figure 7-1 Network diagram for controlling Telnet users using ACLs
Configuration procedure
# Define a basic ACL.
<device> system-view
[device] acl number 2000
[device-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[device-acl-basic-2000] quit
# Apply the ACL.
[device] user-interface vty 0 4
[device-ui-vty0-4] acl 2000 inbound