7-17 Controlling Login UsersWhen controlling login users, go to these sections for information you are interested in:z Introductionz Controlling Telnet Usersz Controlling Network Management Users by Source IP AddressesIntroductionMultiple ways are available for controlling different types of login users, as listed in Table 7-1.Table 7-1 Ways to control different types of login usersLogin mode Control method Implementation Related sectionBy source IP addresses Through basicACLsControlling Telnet Users bySource IP AddressesBy source and destinationIP addressesThrough advancedACLsControlling Telnet Users bySource and Destination IPAddressesTelnetBy source MAC addresses Through Layer 2ACLsControlling Telnet Users bySource MAC AddressesSNMP By source IP addresses Through basicACLsControlling NetworkManagement Users by SourceIP AddressesControlling Telnet UsersPrerequisitesThe controlling policy against Telnet users is determined, including the source and destination IPaddresses to be controlled and the controlling actions (permitting or denying).Controlling Telnet Users by Source IP AddressesThis configuration needs to be implemented by basic ACL; a basic ACL ranges from 2000 to 2999. Forthe definition of ACL, refer to ACL Configuration in the Security Volume.Follow these steps to control Telnet users by source IP addresses:To do… Use the command… RemarksEnter system view system-view —Create a basic ACL or enterbasic ACL viewacl [ ipv6 ] number acl-number[ match-order { config |auto } ]As for the acl numbercommand, the config keywordis specified by default.