After logging in to a device using Telnet or STelnet, you can configure ACL rules to allow only users with the specified IP addresses or on the specified network segments can log in to the device.
NOTE:
The Telnet protocol will bring risks to network security. The STelnet V2 mode is recommended.
The following operation assumes that the user logs in to the device using Telnet or STelnet.
# Configure rules in ACL 2005 to allow only the user at 192.168.1.5 and users on network segment 10.10.5.0/24 to log in to the VTY interfaces 0 to 4.
<HUAWEI> system-view [HUAWEI] acl 2005 [HUAWEI-acl-basic-2005] rule permit source 192.168.1.5 0 //Allow only the user at 192.168.1.5 to log in to the device. [HUAWEI-acl-basic-2005] rule permit source 10.10.5.0 0.0.0.255 ////Allow only users on the network segment 10.10.5.0/24 to log in to the device. [HUAWEI-acl-basic-2005] quit [HUAWEI] user-interface vty 0 4 [HUAWEI-ui-vty0-4] acl 2005 inbound [HUAWEI-ui-vty0-4] quit
More Information: S Series Switches Common Operation Guide
