Restricting remote access to management functions, Using acls to restrict remote access, Using an acl to restrict telnet access – Brocade TurboIron 24X Series Configuration Guide User Manual


Brocade TurboIron 24X Series Configuration Guide

65

53-1003053-01

Restricting remote access to management functions


You can restrict access to management functions from remote sources, including Telnet and SNMP.
The following methods for restricting remote access are supported:

Using ACLs to restrict Telnet or SNMP access

Allowing remote access only from specific IP addresses

Allowing Telnet and SSH access only from specific MAC addresses

Allowing remote access only to clients connected to a specific VLAN

Specifically disabling Telnet or SNMP access to the device

The following sections describe how to restrict remote access to a device using these methods.

Using ACLs to restrict remote access

You can use standard ACLs to control the following access methods to management functions on a
device:

Telnet

SSH

SNMP

Configure access control for these management access methods as follows.

1. Configure an ACL with the IP addresses you want to allow to access the device.

2. Configure a Telnet access group, SSH access group, Web access group, and SNMP community strings. Each of these configuration items accepts an ACL as a parameter. The ACL contains entries that identify the IP addresses that can use the access method.

The following sections present examples of how to secure management access using ACLs. Refer to Chapter 28, “Configuring Rule-Based IP Access Control Lists” for more information on configuring ACLs.
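The check below is an added example, not part of the Brocade manual: it audits a saved configuration listing for the two steps above, reporting any management access method that has no ACL bound, references an undefined ACL, or uses an ACL that permits any source. It assumes commands appear as typed at the CLI (`access-list <num> ...`, `telnet|ssh|web access-group <num>`, `snmp-server community <string> ro|rw <num>`), numbered ACLs only, and that all four access methods are enabled; the addresses and community strings are constructed.

```python
# Added example: audit management-access ACL bindings in a config listing.
SAMPLE_CONFIG = """\
access-list 10 permit host 10.10.20.5
access-list 10 permit 10.10.30.0 0.0.0.255
access-list 12 permit any
telnet access-group 10
ssh access-group 12
snmp-server community public ro
snmp-server community netops rw 25
"""  # constructed sample, not taken from the manual

METHODS = ("telnet", "ssh", "web")

def audit_mgmt_acls(config):
    """Return sorted (method, finding) pairs; an empty list means no findings."""
    acls = {}    # ACL number -> list of entries, e.g. "permit host 10.10.20.5"
    bound = {m: None for m in METHODS}   # method -> bound ACL number or None
    for line in config.splitlines():
        tok = line.split()
        if len(tok) >= 3 and tok[0] == "access-list" and tok[1].isdigit():
            acls.setdefault(tok[1], []).append(" ".join(tok[2:]))
        elif len(tok) == 3 and tok[0] in METHODS and tok[1] == "access-group":
            bound[tok[0]] = tok[2]
        elif len(tok) >= 4 and tok[:2] == ["snmp-server", "community"]:
            # Assumption: the ACL number, when present, is the last token.
            has_acl = len(tok) > 4 and tok[-1].isdigit()
            bound["snmp:" + tok[2]] = tok[-1] if has_acl else None
    findings = []
    for method, acl in sorted(bound.items()):
        if acl is None:
            findings.append((method, "no ACL bound"))
        elif acl not in acls:
            findings.append((method, f"ACL {acl} is not defined"))
        elif any(e.startswith("permit any") for e in acls[acl]):
            findings.append((method, f"ACL {acl} permits any source"))
    return findings

if __name__ == "__main__":
    for method, finding in audit_mgmt_acls(SAMPLE_CONFIG):
        print(f"{method}: {finding}")
```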

Using an ACL to restrict Telnet access

To configure an ACL that restricts Telnet access to the device, enter commands such as the
following.

TABLE 18 Ways to secure management access to devices (Continued)

| Access method | How the access method is secured by default | Ways to secure the access method | See page |
|---|---|---|---|
| TFTP access | Not secured | Allow TFTP access only to clients connected to a specific VLAN | page 71 |
| | | Disable TFTP access | page 73 |
