Security
Management Access Method
Cisco 500 Series Stackable Managed Switch Administration Guide 448
21
• Applies to Source IP Address—Select the type of source IP address to
which the access profile applies. The Source IP Address field is valid for a
subnetwork. Select one of the following values:
- All—Applies to all types of IP addresses.
- User Defined—Applies to only those types of IP addresses defined in
the fields.
• IP Version—Enter the version of the source IP address: Version 6 or Version
4.
• IP Address—Enter the source IP address.
• Mask—Select the format for the subnet mask for the source IP address, and
enter a value in one of the fields:
-
Network Mask
—Select the subnet to which the source IP address
belongs and enter the subnet mask in dotted decimal format.
-
Prefix Length
—Select the Prefix Length and enter the number of bits that
comprise the source IP address prefix.
STEP 7 Click Apply. The access profile is written to the Running Configuration file. You can
now select this access profile as the active access profile.
Defining Profile Rules
Access profiles can contain up to 128 rules to determine who is permitted to
manage and access the device, and the access methods that may be used.
Each rule in an access profile contains an action and criteria (one or more
parameters) to match. Each rule has a priority; rules with the lowest priority are
checked first. If the incoming packet matches a rule, the action associated with the
rule is performed. If no matching rule is found within the active access profile, the
packet is dropped.
For example, you can limit access to the device from all IP addresses except IP
addresses that are allocated to the IT management center. In this way, the device
can still be managed and has gained another layer of security.
To add profile rules to an access profile:
To Next Page
Loading...
