Operation Manual – LoginH3C S5600 Series Ethernet Switches Chapter 8 User Control8-28.2 Controlling Telnet Users8.2.1 PrerequisitesThe controlling policy against Telnet users is determined, including the source IPaddresses, destination IP addresses and source MAC addresses to be controlled andthe controlling actions (permitting or denying).8.2.2 Controlling Telnet Users by Source IP AddressesControlling Telnet users by source IP addresses is achieved by applying basic ACLs,which are numbered from 2000 to 2999.Follow these steps to control Telnet users by source IP addresses:To do… Use the command… RemarksEnter system view system-view —Create a basic ACL orenter basic ACL viewacl number acl-number[ match-order { auto |config } ]As for the acl numbercommand, the config keywordis specified by default.Define rules for theACLrule [ rule-id ] { deny |permit } [ rule-string ] RequiredQuit to system view quit —Enter user interfaceviewuser-interface [ type ]first-number[ last-number ]—Apply the ACL tocontrol Telnet users bysource IP addressesacl acl-number{ inbound | outbound }RequiredThe inbound keywordspecifies to filter the userstrying to Telnet to the currentswitch.The outbound keywordspecifies to filter users trying toTelnet to other switches fromthe current switch.8.2.3 Controlling Telnet Users by Source and Destination IP AddressesControlling Telnet users by source and destination IP addresses is achieved byapplying advanced ACLs, which are numbered from 3000 to 3999.Follow these steps to control Telnet users by source and destination IP addresses: