ssh server ipv6 acl
Use ssh server ipv6 acl to set an ACL for IPv6 SSH clients.
Use undo ssh server ipv6 acl to restore the default.
Syntax
ssh server ipv6 acl [ ipv6 ]acl-number
undo ssh server ipv6 acl
Default
All IPv6 SSH clients are allowed to initiate connections to the device.
Views
System view
Predefined user roles
network-admin
Parameters
ipv6: Specifies ACL type as IPv6. If this keyword is not specified, Layer 2 ACL is applied.
acl-number: Specifies an ACL by its number. If the ipv6 keyword is specified, the value of the acl-number
argument is in the range of 2000 to 3999. If the ipv6 keyword is not specified, the value of the
acl-number argument is in the range of 4000 to 4999.
Usage guidelines
Use this command to specify an ACL to filter the IPv6 SSH clients' request packets. The filtering process
is as follows:
• If an ACL is specified, only the IPv6 SSH clients that match the permit statement in this ACL can
access the device.
• If the specified ACL does not exist, or the ACL does not have any statement, all the IPv6 SSH clients
can access the device.
The ACL only filters new SSH connections after the configuration.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify an ACL to only permit an IPv6 SSH client 1::1/64 to initiate the connection to the device.
<Sysname> system-view
[Sysname] acl ipv6 number 2001
[Sysname-acl6-basic-2001] rule permit source 1::1 64
[Sysname-acl6-basic-2001] quit
[Sysname] ssh server ipv6 acl 2001
Related commands
display ssh server
233
To Next Page
Loading...
Need help?
General
