Security
7705 SAR OS System Management Guide 43
Security Configuration Procedures
• Configuring IPv4 or IPv6 Management Access Filters
• Configuring IPv4 or IPv6 CPM (CSM) Filters
• Configuring Password Management Parameters
• Configuring Profiles
• Configuring Users
• Copying and Overwriting Users and Profiles
• Configuring SSH
• Configuring Login Controls
• RADIUS Configurations
• TACACS+ Configurations
Configuring IPv4 or IPv6 Management Access Filters
Creating and implementing management access filters is optional. Management access filters
control all traffic going in to the CSM, including all routing protocols. They apply to packets
from all ports. The filters can be used to restrict management of the 7705 SAR router by other
nodes outside either specific (sub)networks or through designated ports. By default, there are
no filters associated with security options. The management access filter and entries must be
explicitly created on each router.
Management access filters apply to the management Ethernet port, which supports both IPv4
and IPv6 filters.
The 7705 SAR exits the filter when the first match is found and executes the actions
according to the specified action. For this reason, entries must be sequenced correctly from
most to least explicit.
An entry may not have any match criteria defined (in which case, everything matches) but
must have at least the keyword action to be considered complete. Entries without the
action keyword are considered incomplete and will be rendered inactive.
Use the following CLI commands to configure an IPv4 management access filter.
To Next Page
Loading...
