Restricting Source Ips Access To Management; Configuring Acl Through The Cli - Nortel Contivity 1100 Configuration Manual
Vpn router basic features
Hide thumbs
Also See for Contivity 1100:
- Connecting manual (6 pages) ,
- Install manual (218 pages) ,
- Installing (158 pages)
Table of Contents
Advertisement
44 Chapter 2 Getting started
Restricting source IPs access to management
You are able to filter management access of source IP addresses. Access Lists
(ACLs) restrict connection of designated source IPs for management purposes
over HTTP, FTP, TELNET and SNMP. Management traffic is intercepted and if
the destination is System and the packet is for one of the four services above, the
source IP address is matched against the ACL that is set for the particular service.
If no ACL is defined for HTTP, for example, then http traffic is permited for any
IP address that comes as a source address in the packet.
The IP address of a source client is logged in the syslog output whether the logon
connection attempt is successful or not.
Configuring ACL through the CLI:
Use the following commands to configure ACL in CLI:
To set an ACL for HTTP, enter the following NNCLI command:
CES(config)#http access-list <the_name_of_an_acl>
To remove an ACL for HTTP, enter the following command:
CES(config)#no http access-list
To set an ACL for FTP, enter the following NNCLI command:
CES(config)#ftp-server access-list <the_name_of_an_acl>
To remove an ACL for FTP, enter the following command:
CES(config)#no ftp-server access-list
To set an ACL for SNMP, enter the following NNCLI command:
CES(config)#snmp-server access-list <the_name_of_an_acl>
To remove an ACL for SNMP, enter the following command:
CES(config)#no snmp-server access-list
NN46110-500
Hide quick links:
Advertisement
Table of Contents
