Defining the console idle time – Brocade TurboIron 24X Series Configuration Guide User Manual

Page 101

Advertising
background image

Brocade TurboIron 24X Series Configuration Guide

67

53-1003053-01

Restricting remote access to management functions

NOTE

The syntax for using ACLs for SNMP access is different from the syntax for controlling Telnet or SSH
access using ACLs.

Syntax: snmp-server community <string> ro | rw <num>

The <string> parameter specifies the SNMP community string the user must enter to gain SNMP
access.

The ro parameter indicates that the community string is for read-only (“get”) access. The rw
parameter indicates the community string is for read-write (“set”) access.

The <num> parameter specifies the number of a standard ACL and must be from 1 – 99.

These commands configure ACLs 25 and 30, then apply the ACLs to community strings.

ACL 25 is used to control read-only access using the “public” community string. ACL 30 is used to
control read-write access using the “private” community string.

NOTE

When snmp-server community is configured, all incoming SNMP packets are validated first by their
community strings and then by their bound ACLs.

Defining the console idle time

By default, a device does not time out serial console sessions. A serial session remains open
indefinitely until you close it. You can however define how many minutes a serial management
session can remain idle before it is timed out.

NOTE

You must enable AAA support for console commands, AAA authentication, and Exec authorization in
order to set the console idle time.

To configure the idle time for a serial console session, use the following command.

TurboIron(config)#console timeout 120

Syntax: [no] console timeout <0 – 240>

Possible values: 0 – 240 minutes

Default value: 0 minutes (no timeout)

TurboIron(config)#access-list 25 deny host 10.157.22.98 log

TurboIron(config)#access-list 25 deny 10.157.23.0 0.0.0.255 log

TurboIron(config)#access-list 25 deny 10.157.24.0 0.0.0.255 log

TurboIron(config)#access-list 25 permit any

TurboIron(config)#access-list 30 deny 10.157.25.0 0.0.0.255 log

TurboIron(config)#access-list 30 deny 10.157.26.0/24 log

TurboIron(config)#access-list 30 permit any

TurboIron(config)#snmp-server community public ro 25

TurboIron(config)#snmp-server community private rw 30

TurboIron(config)#write memory

Advertising
Popular Brands
Popular manuals