No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
user-interface vty acl

user-interface vty acl

Function

The user-interface vty acl command uses an ACL to restrict login rights of users on a terminal.

The undo user-interface vty acl command cancels the configuration.

By default, login rights are not restricted.

Format

user-interface vty ui-number acl [ ipv6 ] acl-number { inbound | outbound }

undo user-interface vty ui-number acl [ ipv6 ] { inbound | outbound }

Parameters

Parameter Description Value
vty ui-number

Specifies the VTY user interface number.

The value is an integer that ranges from 0 to 4.

ipv6

Indicates an ACL6 number.

-
acl-number

Specifies the number of an ACL.

The value is an integer ranging from 3000 to 3031.

inbound

Restricts users with an address or within an address segment to log in to the device.

-
outbound

Restricts users that have logged in to the device from logging in to other devices.

-

Views

AP system profile view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

This command restricts the login rights of a user interface based on the source IP address, destination IP address, source port, or destination port. You can use this command to permit or deny access to a destination or from a source.

Prerequisites

Before running this command, run the acl (system view) in the system view and run the rule (basic ACL view) or rule (advanced ACL view) command to configure an ACL.

If no rule is configured, login rights on the user interface are not restricted when the acl command is executed.

Precautions

After the configurations of the ACL take effect, all users on the user interface are restricted by the ACL.

You can configure all of the following ACL types: IPv4 inbound, IPv4 outbound, IPv6 inbound, and IPv6 outbound on a user interface. Only one ACL of each type can be configured on a user interface, and only the latest configuration of an ACL takes effect.

Example

# Restrict the Telnet login rights on user interface VTY 0.

<Huawei> system-view
[Huawei] acl 3001
[Huawei-acl-adv-3001] rule deny tcp source any destination-port eq telnet
[Huawei-acl-adv-3001] quit
[Huawei] wlan
[Huawei-wlan-view] ap-system-profile name huawei 
[Huawei-wlan-ap-system-prof-huawei] user-interface vty 0 acl 3001 outbound
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 202929

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next