H3c-technologies H3C SecBlade NetStream Cards Manual de usuario Pagina 65
- Pagina / 349
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
50
User login control
This chapter includes these sections:
• User login control overview
• Configuring login control over telnet users
• Configuring source IP-based login control over NMS users
User login control overview
The SecBlade card provides the following login control methods.
Lo
g
in Throu
g
h Lo
g
in control methods
ACL used
Telnet
Configuring source IP-based login co
ntrol over telnet users
Basic ACL
Configuring source and destination IP-based login control
over telnet users
Advanced ACL
Configuring source MAC-based login control over telnet
users
Ethernet frame header ACL
NMS Configuring source IP-based login control over NMS users
Basic ACL
Configuring login control over telnet users
Configuration preparation
Before configuration, determine the permitted or denied source IP addresses, source MAC addresses,
and destination IP addresses.
Configuring source IP-based login control over telnet users
Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source
IP-based login control over telnet users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see the NetStream Configuration Guide.
Follow these steps to configure source IP-based login control over telnet users:
To do… Use the command…
Remarks
Enter system view system-view —
Create a basic ACL and enter its
view, or enter the view of an
existing basic ACL
acl number acl-number
[ match-order { config | auto } ]
Required
By default, no basic ACL exists.
Configure rules for this ACL
rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard
| any } | time-range time-name |
fragment | logging ]*
Required
- H3C SecBlade NetStream Card 1
- Preface 3
- GUI conventions 4
- Symbols 4
- Network topology icons 4
- Port numbering in examples 4
- Obtaining documentation 5
- Technical support 5
- Documentation feedback 5
- Contents 6
- CLI configuration 16
- Entering the CLI 17
- Command conventions 17
- Undo form of a command 18
- CLI views 18
- Using the CLI online help 19
- Typing commands 20
- Typing incomplete keywords 21
- Configuring command aliases 21
- Configuring CLI hotkeys 22
- System Mana 23
- Maintenance Command Reference 23
- Checking command-line errors 24
- Using command history 24
- Controlling the CLI display 25
- Filtering output information 26
- Character Meanin 27
- Remarks 27
- Login methods 35
- Users and user interfaces 36
- Numbering user interfaces 36
- CLI login 37
- Login procedure 38
- Logging in through telnet 47
- ACSEI timers 58
- ACSEI startup and running 58
- NMS login 61
- NMS login example 63
- User login control 65
- NMS users 68
- Interface configuration 70
- General configuration 71
- IP addressing configuration 80
- Special IP addresses 81
- Subnetting and masking 81
- Configuring IP addresses 82
- 172.16.1.1/24 83
- 172.16.2.1/24 sub 83
- 172.16.1.2/24 83
- 172.16.2.2/24 83
- IP routing overview 85
- Dynamic routing protocols 86
- Routing preference 87
- Route recursion 87
- Static routing configuration 89
- Configuring a static route 90
- What is policy-based routing 93
- Configuring PBR 94
- Configuring local PBR 96
- Configuring interface PBR 96
- VLAN configuration 98
- VLAN fundamentals 99
- VLAN types 100
- Protocols and standards 100
- VLAN interface overview 101
- Configuration procedure 101
- Network requirements 102
- Verification 103
- Port link type 103
- Default VLAN 104
- To do... Use the command… 109
- Remarks 109
- Overview 110
- Working mechanism 115
- Configure the SecBlade card 119
- GE3/0/1 GE3/0/2 121
- XGE2/0/1 121
- ARP configuration 128
- Operation of ARP 129
- Configuring ARP 130
- ARP configuration example 133
- Gratuitous ARP configuration 135
- Configuring gratuitous ARP 136
- Proxy ARP configuration 137
- Local proxy ARP 138
- Enabling proxy ARP 139
- 2. Configure the SecBlade 143
- ACL configuration 144
- Match order 145
- ACL rule numbering 145
- ACL configuration task list 146
- Configuring an ACL 146
- Copying an IPv4 ACL 149
- Packet filtering with ACLs 150
- ACL configuration example 152
- NetStream overview 154
- How NetStream works 155
- Flow aging 155
- NetStream data export 156
- NetStream export formats 157
- NetStream filtering 157
- NetStream sampling 157
- IPv4 NetStream configuration 159
- Enabling IPv4 NetStream 160
- To do… Use the command… 166
- IPv6 NetStream configuration 167
- Configuration considerations 172
- Configuring the host device 173
- Configuring the NSC 175
- 1. Configure the Device 176
- Device management 188
- Configuring the system time 189
- Displaying the system time 189
- Configuring banners 192
- Rebooting the device 195
- Configuring a scheduled task 196
- NOTE: 204
- NTP configuration 205
- How NTP works 206
- NTP message format 207
- Operation modes of NTP 208
- Symmetric peers mode 209
- Broadcast mode 209
- NTP configuration task list 210
- Configuration prerequisites 213
- NTP configuration examples 214
- SecBlade and Device 217
- Automatic configuration 218
- Address acquisition process 220
- File types 221
- TFTP request sending mode 223
- FTP configuration 224
- Configuring the FTP client 225
- 10.1.1.1/16 229
- 10.3.1.1/16 229
- 10.2.1.1/16 229
- Configuring the FTP server 230
- 3. Upgrade SecBlade 233
- TFTP configuration 235
- Configuring the TFTP client 236
- File management 239
- Performing file operations 241
- Renaming a file 242
- Copying a file 242
- Moving a file 242
- Deleting a file 242
- Performing batch operations 243
- Setting prompt modes 245
- Example for file operations 246
- Configuration file overview 247
- Introduction 248
- Configuration rollback 250
- Configuration task list 250
- Device software overview 256
- Software upgrade methods 257
- Basic concepts in hotfix 258
- Patch status 259
- DEACTIVE state 260
- ACTIVE state 260
- RUNNING state 261
- One-step patch installation 262
- Loading a patch file 263
- Activating patches 263
- Confirming running patches 264
- Stopping running patches 264
- Deleting patches 264
- Network requirement 265
- Hotfix configuration example 267
- Configuring ping 268
- Tracert 269
- System debugging 270
- Information center overview 273
- System information format 277
- PRI (priority) 278
- Managing security logs files 287
- 1.1.0.1/16 1.2.0.1/16 290
- SNMP configuration 295
- SNMP configuration task list 296
- Configuring SNMPv3 297
- Configuring SNMP logging 299
- Configuring SNMP traps 299
- Enabling SNMP traps 300
- Configuring trap parameters 300
- SNMP configuration examples 302
- SNMPv3 configuration example 303
- 1.1.1.2/24 304
- XGE4/0/1XGE0/0 304
- 1.1.1.1/24 304
- MIB style configuration 307
- RMON configuration 308
- RMON groups 309
- Alarm group 310
- Private alarm group 310
- XGE4/0/1 314
Relacionado con productos y manuales para La Seguridad H3c-technologies H3C SecBlade NetStream Cards
(66 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.051 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales