Snmp security levels, Snmp configuration, Telnet protocol – Dell POWEREDGE M1000E User Manual
Page 190: Blocking telnet
190
Fabric OS Administrator’s Guide
53-1002745-02
Telnet protocol
6
SNMP security levels
Use the snmpConfig
--
set seclevel command to set the security level. For more information about
using the Brocade SNMP agent, refer to the Fabric OS MIB Reference.
SNMP configuration
Use the snmpConfig
--
set command to change either the SNMPv3 or SNMPv1 configuration. You
can also change access control, MIB capability, and system group.
For details on Brocade MIB files, naming conventions, loading instructions, and information about
using the Brocade SNMP agent, refer to the Fabric OS MIB Reference.
Telnet protocol
Telnet is enabled by default. To prevent passing clear text passwords over the network when
connecting to the switch, you can block the Telnet protocol using an IP filter policy. For more
information on IP filter policies, refer to
ATTENTION
Before blocking Telnet, make sure you have an alternate method of establishing a connection with
the switch.
Blocking Telnet
If you create a new policy using commands with just one rule, all the missing rules have an implicit
deny and you lose all IP access to the switch, including Telnet, SSH, and management ports.
Use the following procedure to block Telnet access.
1. Connect to the switch and log in using an account with admin permissions.
2. Clone the default policy by typing the ipFilter
--
clone command.
switch:admin> ipfilter --clone BlockTelnet -from default_ipv4
3. Save the new policy by typing the ipFilter
--
save command.
switch:admin> ipfilter --save BlockTelnet
4. Verify the new policy exists by typing the ipFilter
--
show command.
switch:admin> ipfilter --show
5. Add a rule to the policy, by typing the ipFilter
--
addrule
command.
switch:admin> ipfilter --addrule BlockTelnet -rule 1 -sip any -dp 23 -proto
tcp -act deny