HP ProCurve 9304M Security Manual page 21

Routing switches

Using an ACL to Restrict SSH Access
To configure an ACL that restricts SSH access to the device, enter commands such as the following:
ProCurveRS(config)# access-list 12 deny host 209.157.22.98 log
ProCurveRS(config)# access-list 12 deny 209.157.23.0 0.0.0.255 log
ProCurveRS(config)# access-list 12 deny 209.157.24.0/24 log
ProCurveRS(config)# access-list 12 permit any
ProCurveRS(config)# ssh access-group 12
ProCurveRS(config)# write memory
Syntax: ssh access-group <num>
The <num> parameter specifies the number of a standard ACL and must be from 1 – 99.
These commands configure ACL 12, then apply the ACL as the access list for SSH access. The device denies
SSH access from the IP addresses listed in ACL 12 and permits SSH access from all other IP addresses. Without
the last ACL entry for permitting all packets, this ACL would deny SSH access from all IP addresses.
NOTE: In this example, the command ssh access-group 10 could have been used to apply the ACL configured
in the example for Telnet access. You can use the same ACL multiple times.
Using an ACL to Restrict Web Management Access
To configure an ACL that restricts Web management access to the device, enter commands such as the following:
ProCurveRS(config)# access-list 12 deny host 209.157.22.98 log
ProCurveRS(config)# access-list 12 deny 209.157.23.0 0.0.0.255 log
ProCurveRS(config)# access-list 12 deny 209.157.24.0/24 log
ProCurveRS(config)# access-list 12 permit any
ProCurveRS(config)# web access-group 12
ProCurveRS(config)# write memory
Syntax: web access-group <num>
The <num> parameter specifies the number of a standard ACL and must be from 1 – 99.
These commands configure ACL 12, then apply the ACL as the access list for Web management access. The
device denies Web management access from the IP addresses listed in ACL 12 and permits Web management
access from all other IP addresses. Without the last ACL entry for permitting all packets, this ACL would deny
Web management access from all IP addresses.
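The following is an added example, not part of the HP manual: a pre-deployment check for the ACL 12 used in the SSH and Web management sections above, so that the effect of the final "permit any" entry can be confirmed before the ACL is applied with ssh access-group or web access-group. The function names parse_acl and evaluate are hypothetical; the code assumes entries are evaluated in configured order with the first match winning, and that wildcard masks are contiguous.

```python
import ipaddress

# ACL 12 exactly as entered in the SSH and Web management examples above.
ACL_12 = """\
access-list 12 deny host 209.157.22.98 log
access-list 12 deny 209.157.23.0 0.0.0.255 log
access-list 12 deny 209.157.24.0/24 log
access-list 12 permit any
"""

def parse_acl(text):
    """Return [(action, network)] for standard ACL lines, in configured order."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            continue
        if not 1 <= int(tok[1]) <= 99:
            raise ValueError("standard ACL number must be from 1 to 99")
        action, args = tok[2], [t for t in tok[3:] if t != "log"]
        if args[0] == "any":
            net = ipaddress.ip_network("0.0.0.0/0")
        elif args[0] == "host":
            net = ipaddress.ip_network(args[1] + "/32")
        elif len(args) == 1:
            # CIDR form (a.b.c.d/len) or a bare address, which becomes a /32.
            net = ipaddress.ip_network(args[0], strict=False)
        else:
            # Wildcard mask: set bits mean "don't care", so invert to a netmask.
            wild = int(ipaddress.ip_address(args[1]))
            mask = ipaddress.ip_address(wild ^ 0xFFFFFFFF)
            net = ipaddress.ip_network(f"{args[0]}/{mask}", strict=False)
        entries.append((action, net))
    return entries

def evaluate(entries, source_ip):
    """First matching entry wins; no match falls through to the implicit deny."""
    addr = ipaddress.ip_address(source_ip)
    for action, net in entries:
        if addr in net:
            return action
    return "deny"

if __name__ == "__main__":
    acl = parse_acl(ACL_12)
    for ip in ("209.157.22.98", "209.157.23.200", "209.157.24.1", "209.157.25.1"):
        print(ip, "with permit any:", evaluate(acl, ip),
              "| without:", evaluate(acl[:-1], ip))
```

Running the same check against the address of your own management station before entering write memory shows whether the ACL would lock that station out.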
Using ACLs to Restrict SNMP Access
To restrict SNMP access to the device using ACLs, enter commands such as the following:
June 2005
Securing Access to Management Functions
2 - 5


This manual is also suitable for:

J4139a, Procurve 9308m, J4874a, Procurve 9408sl, J4138a, J8680a ...
