3com 8807 Reference Guide

CHAPTER 18: ACL CONTROL COMMANDS TO CONTROL LOGIN USERS
you use the rules of a basic or advanced ACL, only the source IP address and its 
mask, the destination IP address and its mask, and the time-range parameter 
in them are valid. Similarly, when you use Layer 2 ACLs to apply ACL control 
to users accessing through Telnet or SSH, incoming/outgoing requests are 
restricted based on the source MAC addresses. Therefore, when you use the 
rules of a Layer 2 ACL, only the source MAC address and its mask and the 
time-range parameter are valid.
When you use a Layer 2 ACL to apply ACL control to users accessing through 
Telnet or SSH, only incoming requests are restricted.
If a user fails to log in because of an ACL restriction, the system logs the 
failure, including the IP address, login method, user interface index value 
and the cause.
By default, the system does not restrict incoming/outgoing requests.
Example
# Apply ACL control to users who access the local switch through Telnet 
(assuming that ACL 2000 was created previously).
<SW8800> system-view
System View: return to User View with Ctrl+Z.
[SW8800] user-interface vty 0 4
[3Com-user-interface-vty0-4] acl 2000 inbound
snmp-agent community
Syntax
snmp-agent community { read | write } community-name [ mib-view 
view-name ] [ acl acl-number ]
undo snmp-agent community community-name
View
System view
Parameter
read: Indicates that this community name has the read-only right within the 
specified view.
write: Indicates that this community name has the read-write right within the 
specified view.
community-name: Community name, consisting of 1 to 32 characters.
mib-view: Sets the name of the MIB view that the community name can access.
view-name: MIB view name, consisting of 1 to 32 characters.
acl acl-number: Number of a basic number-based ACL, ranging from 2000 to 
2999.
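
The following Python check is an added example, not part of the 3Com guide. It scans a saved configuration for snmp-agent community lines that omit the acl option (or name an ACL outside the basic range 2000 to 2999) and for user-interface vty blocks that have no acl ... inbound line. The sample configuration, its community and view names, and the one-space indentation of sub-commands are assumptions constructed for the example.

```python
import re

# Syntax from this page:
#   snmp-agent community { read | write } community-name
#       [ mib-view view-name ] [ acl acl-number ]
COMMUNITY_RE = re.compile(
    r"^snmp-agent community (read|write) (\S{1,32})"
    r"(?: mib-view (\S{1,32}))?(?: acl (\d+))?\s*$")
VTY_RE = re.compile(r"^user-interface vty (\d+)(?: (\d+))?\s*$")
VTY_ACL_RE = re.compile(r"^acl (\d+) inbound\s*$")

def audit(config_text):
    """Return (line_no, finding) pairs for management access left unrestricted."""
    findings = []
    vty = None  # (line_no, header, has_inbound_acl) for the open vty block

    def close_vty():
        if vty and not vty[2]:
            findings.append((vty[0], f"{vty[1]}: no inbound ACL"))

    for no, raw in enumerate(config_text.splitlines(), 1):
        line, indented = raw.strip(), raw[:1].isspace()
        if not indented:  # a top-level line ends any open vty block
            close_vty()
            vty = None
        m = COMMUNITY_RE.match(line)
        if m:
            access, _name, _view, acl = m.groups()
            # The community name acts as a password, so it is never echoed.
            if acl is None:
                findings.append((no, f"{access} community has no ACL"))
            elif not 2000 <= int(acl) <= 2999:
                findings.append((no, f"ACL {acl} outside basic range 2000-2999"))
        elif not indented and VTY_RE.match(line):
            vty = (no, line, False)
        elif vty and indented and VTY_ACL_RE.match(line):
            vty = (vty[0], vty[1], True)
    close_vty()
    return findings

# Constructed sample configuration (all names are placeholders).
SAMPLE = """\
user-interface vty 0 2
 acl 2000 inbound
user-interface vty 3 4
snmp-agent community read example-ro acl 2000
snmp-agent community write example-rw mib-view example-view
snmp-agent community read example-ro2 acl 3000
"""

if __name__ == "__main__":
    for line_no, finding in audit(SAMPLE):
        print(f"line {line_no}: {finding}")
```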