< Home

acl-number

Function

The acl-number command binds an administrator account to an ACL.

The undo acl-number command removes the binding between an administrator account and an ACL.

Format

acl-number acl-number

undo acl-number

Parameters

Parameter Description Value

acl-number

Specifies the number of an existing basic or advanced ACL.

The basic ACL number is an integer ranging from 2000 to 2999, and the advanced ACL number is an integer ranging from 3000 to 3999.

Views

Administrator view

Default Level

2: Configuration level

Usage Guidelines

You can run the acl-number command to bind an administrator account to an ACL to implement effective login IP address control and improve account security.

The ACL must already exist. If an administrator account is already bound to an ACL, executing the acl-number command overrides the previous binding.

When the administrator's login IP address is controlled by binding an ACL, if the request packet contains the X-Forwarded-For field, set the source IP address in the rule to the actual IP address.

This function does not take effect on server authentication administrators and console login administrators.

Example

# Bind an administrator account named abc to ACL 2001.

<sysname> system-view
[sysname] aaa
[sysname-aaa] manager-user abc
[sysname-aaa-manager-user-abc] acl-number 2001
Parent Topic: Administrator Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >