Application Delivery (ADX)

Reply
Contributor
Posts: 25
Registered: ‎05-04-2009

How do I restrict management access (SSH, telnet, WebGUI) to my management network or management hosts?

Thx!

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: How do I restrict management access (SSH, telnet, WebGUI) to my management network or management hosts?

Please create an access-list permitting your management subnet(s) and/or management hosts. Let me use the following two management subnets as an example:

192.168.133.0/24

10.10.11.0/24

You have to bind this access list to the telnet server, ssh server, WebGUI and snmp servers - all in all this is looking like (using the ACL ID 1):

access-list 1 permit 192.168.133.0/24

access-list 1 permit 10.10.11.0/24

access-list 1 deny any

telnet access-group 1

ssh access-group 1

snmp-server community <read-only-community-string> ro 1

snmp-server community <read-write-community-string> rw 1

web access-group 1

That is all. You do not have to put the "deny any" rule at the end of the ACL because this is by default the last rule of every ACL.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.