HP ProCurve 9304M Security Manual page 24

Routing switches

Hide thumbs Also See for ProCurve 9304M:

Management and configuration manual (690 pages)

Installation and configuration manual (504 pages)

Installation and getting started manual (348 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

page of 172

/ 172
Contents
Table of Contents
Bookmarks

Table of Contents

Security Guide for ProCurve 9300/9400 Series Routing Switches

Restricting Web Management Access to a Specific IP Address

To allow Web management access to the HP device only to the host with IP address 209.157.22.26, enter the

following command:

ProCurveRS(config)# web-client 209.157.22.26

Syntax: [no] web-client <ip-addr>

Restricting SNMP Access to a Specific IP Address

To allow SNMP access to the HP device only to the host with IP address 209.157.22.14, enter the following

command:

ProCurveRS(config)# snmp-client 209.157.22.14

Syntax: [no] snmp-client <ip-addr>

Restricting All Remote Management Access to a Specific IP Address

To allow Telnet, Web, and SNMP management access to the HP device only to the host with IP address

209.157.22.69, you can enter three separate commands (one for each access type) or you can enter the following

command:

ProCurveRS(config)# all-client 209.157.22.69

Syntax: [no] all-client <ip-addr>

Restricting Telnet and SSH Access Based on a Client's MAC Address

Starting in release 07.8.00, you can restrict remote management access to the HP device based on the MAC

address of a connecting client. This feature applies to Telnet and SSH access to the device.

For example, the following command allows Telnet access to the HP device only to the host with IP address

209.157.22.39 and MAC address 0007.e90f.e9a0:

ProCurveRS(config)# telnet-client 209.157.22.39 0007.e90f.e9a0

Syntax: [no] telnet-client <ip-addr> <mac-addr>

The following command allows Telnet access to the HP device to a host with any IP address and MAC address

0007.e90f.e9a0:

ProCurveRS(config)# telnet-client any 0007.e90f.e9a0

Syntax: [no] telnet-client any <mac-addr>

To allow SSH access to the HP device only to the host with IP address 209.157.22.39 and MAC address

0007.e90f.e9a0, enter the following command:

ProCurveRS(config)# ip ssh client 209.157.22.39 0007.e90f.e9a0

Syntax: [no] ip ssh client <ip-addr> <mac-addr>

To allow SSH access to the HP device to a host with any IP address and MAC address 0007.e90f.e9a0, enter the

following command:

ProCurveRS(config)# ip ssh client any 0007.e90f.e9a0

Syntax: [no] ip ssh client any <mac-addr>

Specifying the Maximum Number of Login Attempts for Telnet Access

If you are connecting to the HP device using Telnet, the device prompts you for a username and password. By

default, you have up to 4 chances to enter a correct username and password. If you do not enter a correct

username or password after 4 attempts, the HP device disconnects the Telnet session.

In this release, you can specify the number of attempts a Telnet user has to enter a correct username and

password before the device disconnects the Telnet session. For example, to allow a Telnet user up to 5 chances

to enter a correct username and password, enter the following command:

2 - 8

June 2005

Table of Contents

This manual is also suitable for:

J4139aProcurve 9308mJ4874a Procurve 9408sl J4138a J8680a ... Show all

HP ProCurve 9304M Security Manual page 24

Related Manuals for HP ProCurve 9304M

Related Products for HP ProCurve 9304M

This manual is also suitable for:

Table of Contents