HP 6125G HP 6125G & 6125G/XG Blade Switches Fundamentals Configuration - Page 71
Controlling user logins, Configuring source IP-based Telnet login control
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 71 highlights
Controlling user logins To harden device security, use ACLs to prevent unauthorized logins. For more information about ACLs, see ACL and QoS Configuration Guide. Controlling Telnet logins Use a basic ACL (2000 to 2999) to filter Telnet traffic by source IP address. Use an advanced ACL (3000 to 3999) to filter Telnet traffic by source and/or destination IP address. Use an Ethernet frame header ACL (4000 to 4999) to filter Telnet traffic by source MAC address. To access the device, a Telnet user must match a permit statement in the ACL applied to the user interface. Configuring source IP-based Telnet login control Step 1. Enter system view. 2. Create a basic ACL and enter its view, or enter the view of an existing basic ACL. Command system-view acl [ ipv6 ] number acl-number [ match-order { config | auto } ] Remarks N/A By default, no basic ACL exists. 3. Configure an ACL rule. rule [ rule-id ] { permit | deny } [ source { sour-addr sour-wildcard | any } | time-range time-name | fragment | logging ]* By default, a basic ACL does not contain any rule. 4. Exit the basic ACL view. quit N/A 5. Enter user interface view. user-interface [ type ] first-number [ last-number ] 6. Use the ACL to control user acl [ ipv6 ] acl-number { inbound | logins by source IP address. outbound } N/A • inbound: Filters incoming packets. • outbound: Filters outgoing packets. Configuring source/destination IP-based Telnet login control Step 1. Enter system view. 2. Create an advanced ACL and enter its view, or enter the view of an existing advanced ACL. Command system-view acl [ ipv6 ] number acl-number [ match-order { config | auto } ] 3. Configure an ACL rule. rule [ rule-id ] { permit | deny } rule-string Remarks N/A By default, no advanced ACL exists. N/A 65