7-2To do… Use the command… RemarksEnter system view system-view —Create a basic ACL orenter basic ACL viewacl number acl-number[ match-order { config | auto } ]As for the acl number command,the config keyword is specified bydefault.Define rules for theACLrule [ rule-id ] { deny | permit }[ rule-string ] RequiredQuit to system view quit —Enter user interfaceviewuser-interface [ type ] first-number[ last-number ] —Apply the ACL tocontrol Telnet users bysource IP addressesacl acl-number { inbound |outbound }RequiredThe inbound keyword specifies tofilter the users trying to Telnet to thecurrent switching engine.The outbound keyword specifies tofilter users trying to Telnet to otherdevices from the current switchingengine.Controlling Telnet Users by Source and Destination IP AddressesControlling Telnet users by source and destination IP addresses is achieved by applying advancedACLs, which are numbered from 3000 to 3999.Follow these steps to control Telnet users by source and destination IP addresses:To do… Use the command… RemarksEnter system view system-view —Create an advancedACL or enter advancedACL viewacl number acl-number[ match-order { config | auto } ]As for the acl number command, theconfig keyword is specified bydefault.Define rules for theACLrule [ rule-id ] { deny | permit }protocol [ rule-string ]RequiredYou can define rules as needed tofilter by specific source anddestination IP addresses.Quit to system view quit —Enter user interfaceviewuser-interface [ type ]first-number [ last-number ] —Apply the ACL tocontrol Telnet users byspecified source anddestination IPaddressesacl acl-number { inbound |outbound }RequiredThe inbound keyword specifies tofilter the users trying to Telnet to thecurrent switching engine.The outbound keyword specifies tofilter users trying to Telnet to otherdevices from the current switchingengine.
