User login control

User login control methods

The device provides the following login control methods.

Login Through

Login control methods

ACL used

Web

Configuring source IP-based login control over web

Basic ACL

users

 

 

 

 

 

Configuring login control over Telnet users

Configuration preparation

Before configuration, determine the permitted or denied source IP addresses, source MAC addresses, and destination IP addresses.

Configuring source IP-based login control over Telnet users

Because basic ACLs match the source IP addresses of packets, you can use basic ACLs to implement source IP-based login control over Telnet users. Basic ACLs are numbered from 2000 to 2999. For more information about ACL, see the ACL and QoS Configuration Guide.

Follow these steps to configure source IP-based login control over Telnet users:

To do…

Use the command…

Remarks

Enter system view

system-view

 

 

 

Create a basic ACL and enter its

acl [ ipv6 ] number acl-number

Required

view, or enter the view of an

[ match-order { config auto } ]

By default, no basic ACL exists.

existing basic ACL

 

 

 

 

 

 

rule [ rule-id] { permit deny }

 

Configure rules for this ACL

[ source { sour-addr sour-wildcard

Required

any } time-range time-name

 

 

 

fragment logging ]*

 

 

 

 

Exit the basic ACL view

quit

 

 

 

 

78