Restricting source ips access to management, Configuring acl through the cli – Panasonic 7 User Manual

44 Chapter 2 Getting started

Restricting source IPs access to management

You are able to filter management access of source IP addresses. Access Lists

(ACLs) restrict connection of designated source IPs for management purposes

over HTTP, FTP, TELNET and SNMP. Management traffic is intercepted and if

the destination is System and the packet is for one of the four services above, the

source IP address is matched against the ACL that is set for the particular service.

If no ACL is defined for HTTP, for example, then http traffic is permited for any
IP address that comes as a source address in the packet.

The IP address of a source client is logged in the syslog output whether the logon
connection attempt is successful or not.

Configuring ACL through the CLI:

Use the following commands to configure ACL in CLI:

To set an ACL for HTTP, enter the following NNCLI command:

CES(config)#

http access-list

<the_name_of_an_acl>

To remove an ACL for HTTP, enter the following command:

CES(config)

#no http access-list

To set an ACL for FTP, enter the following NNCLI command:

CES(config)

#ftp-server access-list

<the_name_of_an_acl>

To remove an ACL for FTP, enter the following command:

CES(config)#

no ftp-server access-list

To set an ACL for SNMP, enter the following NNCLI command:

CES(config)

#s^mp-server access-list

<the_name_of_an_acl>

To remove an ACL for SNMP, enter the following command:

CES(config)

#no sn^p-server access-list

NN46110-500