Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsC1048P Port Extender
71727374757677787980
Terminal Lines
You can access the system remotely and restrict access to the system by creating user profiles.
Terminal lines on the system provide different means of accessing the system. The console line (console) connects you
through the console port. The virtual terminal lines (VTYs) connect you through a remote session to the system.
Denying and Permitting Access to a Terminal Line
Dell Networking recommends applying only standard access control lists (ACLs) to deny and permit access to VTY lines.
Layer 3 ACLs deny all traffic that is not explicitly permitted, but in the case of VTY lines, an ACL with no rules does not deny
traffic.
You cannot use the show ip accounting access-list command to display the contents of an ACL that is applied only
to a VTY line.
To apply an IP ACL to a line, Use the following command.
Apply an ACL to a VTY line.
LINE mode
ip access-class access-list
Example of an ACL that Permits Terminal Access
To view the configuration, use the show config command in LINE mode.
Dell(config-std-nacl)#show config
!
ip access-list standard myvtyacl
seq 5 permit host 10.11.0.1
Dell(config-std-nacl)#line vty 0
Dell(config-line-vty)#show config
line vty 0
access-class myvtyacl
Configuring Login Authentication for Terminal Lines
You can use any combination of up to six authentication methods to authenticate a user on a terminal line.A combination of
authentication methods is called a method list. If the user fails the first authentication method, the system prompts the next
method until all methods are exhausted, at which point the connection is terminated. The available authentication methods
are:
enable
Prompt for the enable password.
line
Prompt for the password you assigned to the terminal line. Configure a password for the terminal line to
which you assign a method list that contains the line authentication method. Configure a password using
the password command from LINE mode.
local
Prompt for the system username and password.
none
Do not authenticate the user.
radius
Prompt for a username and password and use a RADIUS server to authenticate.
tacacs+
Prompt for a username and password and use a TACACS+ server to authenticate.
1 Configure an authentication method list. You may use a mnemonic name or use the keyword default. The default
authentication method for terminal lines is local and the default method list is empty.
CONFIGURATION mode
Switch Management 71