Fibre Channel (SAN)

Reply
New Contributor
Posts: 4
Registered: ‎07-04-2011

telnet and www disabled what now ?

Hello,

I hope somebody can help.

my customer requested telnet and http to be disabled in his Brocade 300 switches (FOS 7.0.2c)

So I created the following profile:

name Disable_Telnet       Type: ipv4

rule    source IP       Protocol        Dest Port     Action

1        any                tcp                 80                   deny

2        any                tcp                 23                   deny

3        any                tcp                 22                   permit

4        any                tcp                 23                   permit

5        any                tcp                 897                 permit

6        any                tcp                 898                 permit

7        any                tcp                 111                 permit

8        any                tcp                  80                  permit

9        any                tcp                 443                 permit

10      any                udp                161                 permit

11      any                udp                111                 permit

12      any                udp                123                 permit

13      any                tcp                 600-1023        permit

14      any                tcp                 600-1023        permit

The problem is now that I cannot login with HTTP, HTTPS and Telnet.

The only 2 that are working are SSH and Serial cable via putty.

I have created this profile with the admin user.

But when I login with the admin user on SSH or serial via putty and do the following:

ipfilter --delete block_telnetv4 -type ipv4
Not ownwer of the current transaction

ipfilter --activate default_ipv4
Not ownwer of the current transaction

What can I do ?

Is there a root user ?

I have tried root with password fibranne, I found that somewhere on the internet but I cannot login.

Please advise ?

Cheers

Ron

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: telnet and www disabled what now ?

You cannot delete an active profile, assuming disable_telnet is indeed active.

So steps would be

1- active other policy

2- delete "wrong" policy

However perhaps your change is still in the transaction buffer, looks like it anyway because of the output your getting.

If so a ipfilter -transabort should revert back to before you started.

If you want to have root access try password, this is also one of the defaults

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

Click to Register
Download FREE NVMe eBook