[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] acl 2000 inbound
Configuring source IP-based login control over
NMS users
You can log in to the NMS to remotely manage the devices. SNMP is used for communication between
the NMS and the agent that resides in the device. By using the ACL, you can control SNMP user access
to the device.
Configuration preparation
Before configuration, determine the permitted or denied source IP addresses.
Configuring source IP-based login control over NMS users
Because basic ACLs match the source IP addresses of packets, you can use basic ACLs to implement
source IP-based login control over NMS users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see the ACL and QoS Configuration Guide.
Follow these steps to configure source IP-based login control over NMS users:
To do… Use the command… Remarks
Enter system view system-view —
Create a basic ACL and enter its
view, or enter the view of an
existing basic ACL
acl [ ipv6 ] number acl-number
[ match-order { config | auto } ]
By default, no basic ACL exists.
Create rules for this ACL
rule [ rule-id ] { permit | deny }
[ source { sour-addr sour-wildcard |
any } | time-range time-name |
fragment | logging ]*
Exit the basic ACL view quit —
Associate this SNMP community
with the ACL
snmp-agent community { read |
write } community-name [ acl
acl-number | mib-view
view-name ]*
Associate the SNMP group with
the ACL
snmp-agent group { v1 | v2c }
group-name [ read-view
read-view ] [ write-view
write-view ] [ notify-view
notify-view ] [ acl acl-number ]
snmp-agent group v3 group-name
[ authentication | privacy ]
[ read-view read-view ]
[ write-view write-view ]
[ notify-view notify-view ] [ acl
acl-number ]
You can associate the ACL when
creating the community, the SNMP
group, and the user.
For more information about
SNMP, see the Network
Management and Monitoring
Configuration Guide.