Print

S6800 IPV6 TELNET登陆限制案例

2020-09-13 发表

组网及说明

为了确保设备的IPV6 TELNET安全登陆管理,需对TELNET进行登录限制。

S6800版本信息如下:

H3C Comware Software, Version 7.1.045, Release 2418P05

Copyright (c) 2004-2015 Hangzhou H3C Tech. Co., Ltd. All rights reserved.

H3C S6800-4C uptime is 239 weeks, 3 days, 6 hours, 18 minutes

Last reboot reason : USER reboot

配置步骤

配置IPV6 ACLTELNET进行登录限制:

1、配置VLANIPV6地址

[SW1]int vlan 1

[SW1-Vlan-interface1]ipv6 address 1::1 64

[SW1-Vlan-interface1]quit

2、创建IPV6 ACL,指定特定IPV6地址

[SW1]acl ipv6 basic 2000

[SW1-acl-ipv6-basic-2000]rule 0 permit source 1:: 64

[SW1-acl-ipv6-basic-2000]rule 1 deny source any

3、创建用户名、密码,赋予权限

[SW1]local-user ninglihua

[SW1-luser-manage-ninglihua]password simple ninglihua

[SW1-luser-manage-ninglihua]service-type ssh telnet http https

[SW1-luser-manage-ninglihua]authorization-attribute user-role

network-admin

[SW1-luser-manage-ninglihua]quit

5、配置VTY

[SW1]line vty 0 4

[SW1-line-vty0-4]authentication-mode scheme

[SW1-line-vty0-4]protocol inbound all

[SW1-line-vty0-4]quit

6、配置telnetIPV6 ACL绑定

[SW1]telnet server enable

[SW1]telnet server ipv6 acl ipv6 2000

配置关键点