How to Enable Telnet Service and Configure ACL on a Huawei Switch
This guide explains step‑by‑step how to enable the Telnet service on a Huawei switch, set up a time‑range, create a basic ACL that permits a single host, and apply the ACL to the VTY lines to restrict access.
1. Enable the Telnet service on the switch:
[root] telnet server enable [root] user-interface vty 0 4 [root-ui-vty0-4] authentication-mode aaa [root-ui-vty0-4] protocol inbound all [root-ui-vty0-4] quit
2. Create a local Telnet user with privilege level 15:
[root] aaa [root-aaa] local-user privilege level 15 password cipher 123456 [root-aaa] local-user service-type telnet
3. Define a time‑range for workdays (Monday‑Friday, 08:30‑18:00):
[root] time-range workday 8:30 to 18:00 working-day
4. Create a basic ACL (2000) that permits only the host 192.168.1.10 during the defined time‑range:
[root] acl 2000 [root-acl-basic-2000] rule permit source 192.168.1.10 0 time-range workday # An implicit "deny any" rule applies to all other traffic
5. Apply the ACL to the VTY lines so that only traffic matching the ACL can establish a Telnet session:
[root] user-interface vty 0 4 [root-ui-vty0-4] acl 2000 inbound
After these configurations, any Telnet login attempt that is not explicitly permitted (i.e., not from 192.168.1.10 within the workday time‑range) will be denied.
Practical DevOps Architecture
Hands‑on DevOps operations using Docker, K8s, Jenkins, and Ansible—empowering ops professionals to grow together through sharing, discussion, knowledge consolidation, and continuous improvement.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.