I will give an example of setting up ACLs to restrict access to Telnet, SSH and SNMP on Huawei S2300 series switches.
Let’s create an ACL (Access Control List) in which we specify the addresses that will be allowed access to the device via SNMP:
acl number 2000
rule 5 permit source 10.0.0.1 0
rule 10 permit source 192.168.5.5 0
quit
Let’s add an SNMP community with an ACL (if SNMP communities without ACLs were added earlier, delete them):
snmp-agent community read ixnfo.com acl 2000
undo snmp-agent community ...
Let’s create an ACL in which we specify the addresses that will be allowed access to device management via Telnet and SSH:
acl 3999
rule permit ip source 10.0.0.1 0
rule permit ip source 10.0.100.100 0
quit
Let’s see the vty numbers that are configured on the device:
display current-configuration | include vty
Let’s apply the ACL to the existing vty lines:
user-interface vty 0 4
acl 3999 inbound
quit
Let’s save the configuration:
quit
save
An example of viewing ACLs:
display acl all
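An added example, not part of the original article: a small Python check to run over saved `display current-configuration` text, confirming that every SNMP community and every vty range references an ACL that is actually defined. The sample configuration below is constructed for illustration; the second community and the `vty 16 20` range are assumptions, not values from this article.

```python
import re

# Constructed sample in the style of `display current-configuration` output.
# "oldcommunity" and the "vty 16 20" range are made up for illustration.
SAMPLE_CONFIG = """\
acl number 2000
 rule 5 permit source 10.0.0.1 0
acl number 3999
 rule 5 permit ip source 10.0.0.1 0
snmp-agent community read ixnfo.com acl 2000
snmp-agent community read oldcommunity
user-interface vty 0 4
 acl 3999 inbound
user-interface vty 16 20
 authentication-mode aaa
"""

def audit(config):
    """Return findings for SNMP communities and vty ranges that lack an ACL."""
    findings = []
    defined = set(re.findall(r"^acl (?:number )?(\d+)", config, re.M))
    used = []      # (ACL number, where it is referenced)
    vty = None     # vty range whose indented body we are currently inside
    vty_acl = {}   # vty range -> inbound ACL number, or None if absent
    for n, line in enumerate(config.splitlines(), 1):
        if line.startswith("snmp-agent community "):
            m = re.search(r" acl (\d+)", line)
            if m:
                used.append((m.group(1), f"line {n}"))
            else:
                # Report only the line number: the community string is a secret.
                findings.append(f"line {n}: SNMP community without ACL")
        if not line.startswith(" "):   # a top-level line opens a new section
            m = re.match(r"user-interface (vty \d+(?: \d+)?)", line)
            vty = m.group(1) if m else None
            if vty:
                vty_acl[vty] = None
        elif vty and (m := re.match(r" +acl (\d+) inbound", line)):
            vty_acl[vty] = m.group(1)
            used.append((m.group(1), vty))
    findings += [f"{r}: no inbound ACL" for r, a in vty_acl.items() if a is None]
    findings += [f"{w}: ACL {a} is referenced but not defined"
                 for a, w in used if a not in defined]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

On the constructed sample it reports the community on line 6 and the `vty 16 20` range, the two places where management access is not limited by an ACL.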
See also my article:
Configuring Huawei Quidway S2326TP-EI