ssh server ipv6 acl

Syntax

ssh server ipv6 acl ipv6 acl-number

undo ssh server ipv6 acl

View

System view

Default level

2: System level

Parameters

ipv6: Specifies an IPv6 ACL.

acl-number: Specifies an ACL by its number in the range of 2000 to 3999.

Description

Use ssh server ipv6 acl to specify an ACL to control IPv6 SSH user connections.

Use undo ssh server ipv6 acl to restore the default.

By default, No ACLs are specified and all IPv6 SSH users can initiate SSH connections to the server.

The specified ACL filters IPv6 SSH users' connection requests. Only the IPv6 SSH users that the ACL permits can initiate SSH connections to the device.

All IPv6 SSH users can initiate SSH connections to the device when any one of the following conditions exists:

• You do not specify an ACL.

• The specified ACL does not exist.

• The specified ACL does not have rules.

The ACL takes effect only on SSH connections that are initiated after the ACL configuration.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure ACL 2001 and permit only the users on the subnet 1::1/64 to initiate SSH connections to the server.

<Sysname> system-view

[Sysname] acl ipv6 number 2001

[Sysname-acl6-basic-2001] rule permit source 1::1 64

[Sysname-acl6-basic-2001] quit

[Sysname] ssh server ipv6 acl ipv6 2001