Ethernet Fabric (VDX, CNA)

Contributor
Posts: 20
Registered: ‎02-13-2013

VDX6720 and VDX6740 - telnet access

Hi

I use a fabric built from VDX6720 and VDX6740 switches. A few VDX switches are doing L3 inter-VLAN routing. Everything is working just fine, but I need to restrict telnet/SSH access to the switches. How can I apply an access list to restrict telnet/SSH access to the boxes?

 

We are running NOS 4.1.2 and logical-chassis mode.

 

Occasional Contributor
Posts: 15
Registered: ‎10-02-2009

Re: VDX6720 and VDX6740 - telnet access

Default permit any.

Create an ACL and bind it to your management interface:

 

On a management interface, the default action of "permit any" is inserted at the end of an ACL that
has been bound.
To bind an ACL to a management interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
switch# configure terminal
2. Enter interface management followed by the rbridge-id/port, the IP version, the access-group
name for the ACL you want to bind, and the binding direction (ingress or egress).
switch(config)# interface management 1/0
switch(config-Management-1/0)# ip access-group stdACL3 in
switch(config-Management-1/0)# ipv6 access-group stdV6ACL1 in
switch(config-Management-1/0)# exit

 

Ronald
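
Added example, not part of the reply above and not Brocade code: because a bound management ACL ends in an implicit "permit any", this Python check reads a saved configuration and reports management interfaces with no ingress ACL for an IP version, or with an ACL whose last rule is not an explicit "deny any". The config layout, the access-list/seq rule syntax, the function names and the addresses are assumptions made for illustration.

```python
import re

# Constructed sample config; the access-list/seq rule syntax is an assumption.
SAMPLE = """\
ip access-list standard stdACL3
 seq 10 permit host 192.0.2.10
 seq 20 deny any
!
ipv6 access-list standard stdV6ACL1
 seq 10 permit host 2001:db8::10
!
interface Management 1/0
 ip access-group stdACL3 in
 ipv6 access-group stdV6ACL1 in
!
interface Management 2/0
 ip access-group stdACL3 in
"""

def stanzas(config):
    """Map each top-level line to the indented lines under it."""
    out, current = {}, None
    for line in config.splitlines():
        text = line.strip()
        if text in ("", "!"):
            continue
        if line[0].isspace():
            out.setdefault(current, []).append(text)
        else:
            current = text
            out[current] = []
    return out

def audit(config):
    """Return (port, family, problem) for bindings the implicit permit defeats."""
    blocks, findings = stanzas(config), []
    acls = {(h.split()[0], h.split()[-1]): b
            for h, b in blocks.items() if " access-list " in h}
    for head, body in blocks.items():
        m = re.fullmatch(r"interface management (\S+)", head, re.I)
        for fam in ("ip", "ipv6") if m else ():
            names = [b.split()[2] for b in body
                     if re.fullmatch(fam + r" access-group \S+ in", b)]
            rules = acls.get((fam, names[0])) if names else None
            if not names:
                findings.append((m.group(1), fam, "no ingress ACL bound"))
            elif not rules or not re.fullmatch(r"seq \d+ deny any", rules[-1]):
                findings.append((m.group(1), fam, "no final deny any"))
    return findings
```

On the constructed sample, `audit(SAMPLE)` flags the IPv6 side of both management interfaces: one ACL that never denies, and one interface with no IPv6 ACL at all.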

Cae
Occasional Visitor
Posts: 1
Registered: ‎08-09-2014

Re: VDX6720 and VDX6740 - telnet access

Good evening to all

 

You spoke about restricting telnet/SSH access through an access list applied to the management interface. What about when I am managing my VDX6740 and VDX 6710 running NOS 4.1.2a through another interface, for example TenGigabitEthernet rbid/0/1? Is the only way to restrict telnet/SSH access to apply a specific access list on that interface?

 

Best Regards

Cae
