Fibre Channel (SAN)

Reply
New Contributor
Posts: 3
Registered: ‎12-02-2013
Accepted Solution

Turn off SSH Access on Brocade DS_300B fibre switch

Hello,

I am not experienced with configuring fibre switches so please bear with me. Is there a way I can turn off SSH access to a Brocade DS_300B fibre switch from the GUI?

I go into these switches only now and again to configure zoning for our SAN and am not that familiar with them, so I hoping these is somewhere in the GUI I can do this, however as yet I have not found where this can be done

 

If it helps it is running Fabric OS 6.1.0c

Thanks in advance

Andy

Regular Contributor
Posts: 161
Registered: ‎12-30-2009

Re: Turn off SSH Access on Brocade DS_300B fibre switch

[ Edited ]

Yes it is possible by means of configuring the ipfilter.

 

I believe this to be possible from the webgui if you hit the "advanced" button, however I don't know the exact name anymore of the tab.

 

Be aware you can lock yourself out of the switch by adjusting the ipfilter.

Make sure you you got the proper serial cable and test the serial connection first, you will need in the event you look yourself out.

 

Also make sure you clone the default policy, make alterations to your clone and than activate the cloned policy.

That enables a speedy rollback should you need it,it also preserves the deafult policy.

Frequent Contributor
Posts: 160
Registered: ‎08-07-2009

Re: Turn off SSH Access on Brocade DS_300B fibre switch

See below from the WebTools Admin Guide:

 

Configuring IP Filtering
Web Tools provides the ability to control what client IP addresses may connect to a switch or fabric.
To set up IP Filtering, perform the following steps.


1. Open the Switch Administration window (in Basic mode) as described in “Opening the Switch
Administration window” on page 31.
2. Click Show Advanced Mode.
3. Select the Security Policies tab.
4. Select IPFilter on the Security Policies menu.
5. Click Create Policy.
The Create IP Filter Policy dialog box displays.
6. Enter a policy name, select a policy type, and then click the Add Rule button.
7. Enter the rule order, rule type, source and destination IP addresses, and then modify the
service or destination port, protocol, and action as necessary.
Both the source and destination IP addresses are needed for the FWD rule type.
Only the source IP address is needed for the INPUT rule type, as the destination IP address
field is disabled.
8. Click OK.
After you create a policy, you can use the following controls on this tab to manage the policies:
• The Edit Policy button lets you select an existing policy and make changes to it.
• The Show Policy button lets you view the details of the policy in a read-only window.
• The Delete Policy button lets you delete a policy.
• The Clone Policy button lets you copy a policy. Use this feature when you want to create
similar policies. After you create a clone, you can edit the policy to make the appropriate
changes.
• The Activate Policy button lets you make an existing policy active.
• The Distribute Policy button lets you distribute a policy to various switches.
• The Accepts Distribution check box lets you set the policy to accept or reject distributions.

New Contributor
Posts: 3
Registered: ‎12-02-2013

Re: Turn off SSH Access on Brocade DS_300B fibre switch

Thanks you very much for your hel p _ I am nearly there.

 

I have found there is already a defalt_ipv4 filter showing as active. I can show the policy and see that SSH is currently permitted. However the Edit Policy Tab is greyed out at the moment. I don't think it is permissions but I might be wrong?

 

Thanks again

 

 

Regular Contributor
Posts: 161
Registered: ‎12-30-2009

Re: Turn off SSH Access on Brocade DS_300B fibre switch

Clone the default filter, make your adjustments, active the cloned filter and done.

New Contributor
Posts: 3
Registered: ‎12-02-2013

Re: Turn off SSH Access on Brocade DS_300B fibre switch

Thank you all very much for your assistance. Your time is appreciated  :)

 

Andy

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook