Fibre Channel (SAN)

New Contributor
Posts: 2
Registered: ‎10-04-2016

Telnet and HTTP block in Brocade

Hi,

We are planning to block Telnet and HTTP in our environment; however, these should not be blocked for BNA. Please can someone suggest how we can implement this?

Occasional Contributor
Posts: 19
Registered: ‎09-16-2016

Re: Telnet and HTTP block in Brocade

Hello,

You may go with the ipfilter command: clone default_ipv4 and add rule 1 to specify the IP (BNA IP) for port 23 (telnet) and 80 (http) to permit, which should effectively deny all other IPs to port 23 and 80.

Regards

Sushanth

Occasional Contributor
Posts: 19
Registered: ‎09-16-2016

Re: Telnet and HTTP block in Brocade

It is a good practice to "deny any" for telnet and http.

For BNA you can use https instead of http.

Regards

Sushanth

New Contributor
Posts: 2
Registered: ‎10-04-2016

Re: Telnet and HTTP block in Brocade

Hi,

Command to block telnet:

ipfilter --addrule BlockTelnet -rule 1 -sip any -dp 23 -proto tcp -act deny

My question is:

Do we need to put SIP as the BNA IP, so it will not block the BNA, and the same for HTTP?

I believe we need to add two rules, one for telnet and the other for HTTP.

And what would be the sequence of these rules? Thanks

Occasional Contributor
Posts: 19
Registered: ‎09-16-2016

Re: Telnet and HTTP block in Brocade

Yes, there have to be two rules on the same policy with -sip <BNA IP> -act permit (to only permit the BNA IP).

Regards

Sushanth
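
An added example, not from any poster in this thread: a small Python model of the rule order asked about above, assuming the policy is checked in ascending rule number with the first match deciding and unmatched traffic dropped. The BNA address, the rules for ports 22 and 443, and the helper names are constructed for illustration; the emitted commands reuse the ipfilter --addrule syntax quoted in the thread.

```python
import ipaddress

BNA_IP = "192.0.2.10"  # constructed placeholder (documentation address range)

# Ordered rules of one policy: (source, destination port, protocol, action).
# The BNA permits come before the deny-any rules for the same ports.
RULES = [
    (BNA_IP, 23, "tcp", "permit"),
    (BNA_IP, 80, "tcp", "permit"),
    ("any", 23, "tcp", "deny"),
    ("any", 80, "tcp", "deny"),
    ("any", 22, "tcp", "permit"),   # constructed: SSH stays open
    ("any", 443, "tcp", "permit"),  # constructed: HTTPS stays open
]

def to_commands(policy, rules):
    """Render the rules in the --addrule syntax quoted in the thread."""
    return [
        f"ipfilter --addrule {policy} -rule {n} -sip {sip} "
        f"-dp {dp} -proto {proto} -act {act}"
        for n, (sip, dp, proto, act) in enumerate(rules, start=1)
    ]

def evaluate(rules, src, dport, proto="tcp"):
    """Return (rule number, action) of the first match; no match is a deny."""
    addr = ipaddress.ip_address(src)
    for n, (sip, dp, rproto, act) in enumerate(rules, start=1):
        src_ok = sip == "any" or addr == ipaddress.ip_address(sip)
        if src_ok and dp == dport and rproto == proto:
            return n, act
    return None, "deny"

def shadowed(rules):
    """Rule numbers that can never match: an earlier 'any' rule covers them."""
    hits = []
    for i, (_, dp, proto, _) in enumerate(rules):
        if any(s == "any" and d == dp and p == proto for s, d, p, _ in rules[:i]):
            hits.append(i + 1)
    return hits

if __name__ == "__main__":
    print("\n".join(to_commands("BlockTelnet", RULES)))
    for src in (BNA_IP, "192.0.2.99"):
        for port in (23, 80, 443):
            print(src, port, evaluate(RULES, src, port))
    print("shadowed rules:", shadowed(RULES))
```

If the deny-any rules are placed ahead of the BNA permits, `shadowed` reports the permits as unreachable and the BNA host is blocked along with everyone else.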
