No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
user-interface vty acl

user-interface vty acl


The user-interface vty acl command uses an ACL to restrict login rights of users on a terminal.

The undo user-interface vty acl command cancels the configuration.

By default, login rights are not restricted.


user-interface vty ui-number acl [ ipv6 ] acl-number { inbound | outbound }

undo user-interface vty ui-number acl [ ipv6 ] { inbound | outbound }


Parameter Description Value

Indicates an ACL6 number.


Specifies the number of an ACL.

The value is an integer ranging from 3000 to 3031.


Restricts users with an address or within an address segment to log in to the device.


Restricts users that have logged in to the device from logging in to other devices.



AP system profile view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

This command restricts the login rights of a user interface based on the source IP address, destination IP address, source port, or destination port. You can use this command to permit or deny access to a destination or from a source.


Before running this command, run the acl (system view) in the system view and run the rule (basic ACL view) or rule (advanced ACL view) command to configure an ACL.

If no rule is configured, login rights on the user interface are not restricted when the acl command is executed.


After the configurations of the ACL take effect, all users on the user interface are restricted by the ACL.

You can configure all of the following ACL types: IPv4 inbound, IPv4 outbound, IPv6 inbound, and IPv6 outbound on a user interface. Only one ACL of each type can be configured on a user interface, and only the latest configuration of an ACL takes effect.


# Restrict the Telnet login rights on user interface VTY 0.

<HUAWEI> system-view
[HUAWEI] acl 3001
[HUAWEI-acl-adv-3001] rule deny tcp source any destination-port eq telnet
[HUAWEI-acl-adv-3001] quit
[HUAWEI] wlan
[HUAWEI-wlan-view] ap-system-profile name huawei 
[HUAWEI-wlan-ap-system-prof-huawei] user-interface vty 0 acl 3001 outbound
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 123856

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next