Configuring the USG to allow only certain users to log in through Telnet

Configure the USG2000&5000&6000 to allow only certain users to log in through Telnet in VTY mode as follows:
Create a corresponding ACL to allow only packets from a specified source address and then apply this ACL to the VTY interface. The configuration example is as follows:

[USG-1]acl 3999
[USG-1-acl-adv-3999]rule permit ip source 1.1.1.1 0
[USG-1-acl-adv-3999]rule deny ip source any
[USG-1-acl-adv-3999]quit
[USG-1]user-interface vty 0 4
[USG-1-ui-vty0-4]authentication-mode aaa
[USG-1-ui-vty0-4]protocol inbound telnet
[USG-1-ui-vty0-4]acl 3999 inbound

Scroll to top