Restricting telnet access to a specific ip address, Restricting ssh access to a specific ip address, Restricting snmp access to a specific ip address – Brocade TurboIron 24X Series Configuration Guide User Manual

Page 102

Advertising
background image

68

Brocade TurboIron 24X Series Configuration Guide

53-1003053-01

Restricting remote access to management functions

NOTE

In RADIUS, the standard attribute Idle-Timeout is used to define the console session timeout value.
The attribute Idle-Timeout value is specified in seconds. Within the switch, it is truncated to the
nearest minute, because the switch configuration is defined in minutes.

Restricting remote access to the device to specific IP addresses

By default, a device does not control remote management access based on the IP address of the
managing device. You can restrict remote management access to a single IP address for the
following access methods:

Telnet access

SSH access

SNMP access

In addition, you can restrict all access methods to the same IP address using a single command.

The following examples show the CLI commands for restricting remote access. You can specify only
one IP address with each command. However, you can enter each command ten times to specify
up to ten IP addresses.

Restricting Telnet access to a specific IP address

To allow Telnet access to the device only to the host with IP address 10.157.22.39, enter the
following command.

TurboIron(config)#telnet-client 10.157.22.39

Syntax: [no] telnet-client <ip-addr> | <ipv6-addr>

Restricting SSH access to a specific IP address

To allow SSH access to the device only to the host with IP address 10.157.22.39, enter the
following command.

TurboIron(config)#ip ssh client 10.157.22.39

Syntax: [no] ip ssh client <ip-addr> | <ipv6-addr>

Restricting SNMP access to a specific IP address

To allow SNMP access (which includes Brocade Network Advisor) to the device only to the host with
IP address 10.157.22.14, enter the following command.

TurboIron(config)#snmp-client 10.157.22.14

Syntax: [no] snmp-client <ip-addr> | <ipv6-addr>

Restricting all remote management access to a
specific IP address

To allow Telnet, Web, and SNMP management access to the device only to the host with IP address
10.157.22.69, enter three separate commands (one for each access type) or enter the following
command.

Advertising
Popular Brands
Popular manuals