Implementing Management Plane Protection on Cisco IOS XR Software
How to Configure a Device for Management Plane Protection
SC-230
Cisco IOS XR System Security Configuration Guide
Configuring a Device for Management Plane Protection
Perform this task to configure a device that you have just added to your network or a device already
operating in your network. This task shows how to configure MPP in which SSH is allowed to access the
router only through the POS 0/5/0/0 interface.
SUMMARY STEPS
1. configure
2. control-plane
3. management-plane
4. inband
5. interface {type instance | all}
6. allow {protocol | all}
7. end
or
commit
8. show mgmt-plane [interface {type instance}]
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
control-plane
Example:
RP/0/RP0/CPU0:router(config)# control-plane
RP/0/RP0/CPU0:router(config-ctrl)#
Enters the control plane configuration mode.
Step 3
management-plane
Example:
RP/0/RP0/CPU0:router(config-ctrl)# management-plane
RP/0/RP0/CPU0:router(config-mpp)#
Configures management plane protection to allow
and disallow protocols and enters management plane
protection configuration mode.
Step 4
inband
Example:
RP/0/RP0/CPU0:router(config-mpp)# inband
RP/0/RP0/CPU0:router(config-mpp-inband)#
Configures an inband interface and enters
management plane protection inband configuration
mode.
To Next Page
Loading...
