为了确保设备的IPV6 TELNET安全登陆管理,需对TELNET进行登录限制。
S6800版本信息如下:
H3C Comware Software, Version 7.1.045, Release 2418P05
Copyright (c) 2004-2015 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
H3C S6800-4C uptime is 239 weeks, 3 days, 6 hours, 18 minutes
Last reboot reason : USER reboot
配置IPV6 ACL对TELNET进行登录限制:
1、配置VLAN的IPV6地址
[SW1]int vlan 1
[SW1-Vlan-interface1]ipv6 address 1::1 64
[SW1-Vlan-interface1]quit
2、创建IPV6 ACL,指定特定IPV6地址
[SW1]acl ipv6 basic 2000
[SW1-acl-ipv6-basic-2000]rule 0 permit source 1:: 64
[SW1-acl-ipv6-basic-2000]rule 1 deny source any
3、创建用户名、密码,赋予权限
[SW1]local-user ninglihua
[SW1-luser-manage-ninglihua]password simple ninglihua
[SW1-luser-manage-ninglihua]service-type ssh telnet http https
[SW1-luser-manage-ninglihua]authorization-attribute user-role
network-admin
[SW1-luser-manage-ninglihua]quit
5、配置VTY
[SW1]line vty 0 4
[SW1-line-vty0-4]authentication-mode scheme
[SW1-line-vty0-4]protocol inbound all
[SW1-line-vty0-4]quit
6、配置telnet与IPV6 ACL绑定
[SW1]telnet server enable
[SW1]telnet server ipv6 acl ipv6 2000