EasyManua.ls Logo

Dell PowerConnect B-RX - Restricting Remote Access to Management Functions; Using Acls to Restrict Remote Access

Dell PowerConnect B-RX
1458 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
BigIron RX Series Configuration Guide 63
53-1002253-01
Restricting remote access to management functions
4
Restricting remote access to management functions
You can restrict access to management functions from remote sources, including Telnet, the Web
management interface, and SNMP. The following methods for restricting remote access are
supported:
Using ACLs to restrict Telnet, Web management interface, or SNMP access
Allowing remote access only from specific IP addresses
Allowing remote access only to clients connected to a specific VLAN
Specifically disabling Telnet, Web management interface, or SNMP access to the device
Using ACLs to restrict remote access
You can use standard ACLs to control the following access methods to management functions on
the device:
Telnet access
SSH access
Web management access
SNMP access
To configure access control for these management access methods.
1. Configure an ACL with the IP addresses you want to allow to access the device
2. Configure a Telnet access group, SSH access group, web access group, and SNMP community
strings. Each of these configuration items accepts an ACL as a parameter. The ACL contains
entries that identify the IP addresses that can use the access method.
The following sections present examples of how to secure management access using ACLs.
NOTE
ACL filtering for remote management access is done in hardware.
Using an ACL to restrict Telnet access
To configure an ACL that restricts Telnet access to the device, enter commands such as the
following.
BigIron RX(config)# access-list 10 deny host 209.157.22.32 log
BigIron RX(config)# access-list 10 deny 209.157.23.0 0.0.0.255 log
BigIron RX(config)# access-list 10 deny 209.157.24.0 0.0.0.255 log
BigIron RX(config)# access-list 10 deny 209.157.25.0/24 log
BigIron RX(config)# access-list 10 permit any
BigIron RX(config)# telnet access-group 10
BigIron RX(config)# write memory
The commands configure ACL 10, then apply it as the access list for Telnet access. The device
allows Telnet access to all IP addresses except those listed in ACL 10.
Syntax: telnet access-group <num> | <name> | ipv6 <ipv6-access-list-name>
The <num> parameter specifies the number of a standard ACL, 1 – 99.
The <name> parameter specifies the standard access list name.

Table of Contents

Other manuals for Dell PowerConnect B-RX

Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals