Management Access Error Messages - Cisco ROUTER-SDM-CD User Manual

vty Settings
Note

Management Access Error Messages

Cisco Router and Security Device Manager 2.5 User's Guide
31-20
If you want to make users employ secure protocols when logging in to Cisco
SDM, check Allow secure protocols only. When you check this box, the
following protocols are automatically checked: SSH, HTTPS, RCP. If you then
check a nonsecure protocol such as Telnet, Cisco SDM unchecks Allow secure
protocols only.
You Can Specify Management Protocols Individually
If you want to specify individual protocols that the host or network can use, you
can check any of the boxes: Telnet, SSH, HTTP, RCP, or SNMP.
If Telnet and SSH are not enabled (checked) in the VTYs window, and SNMP is
not enabled in the SNMP Properties window, Cisco SDM will advise you to
enable those protocols when they are specified in this window.
The options Allow secure protocols only and HTTPS are disabled if the Cisco
IOS release on the router does not support HTTPS.
The following error messages may be generated by the Management Access
feature.
Error Message
SDM Warning: ANY Not Allowed
A management policy is read-only if any of its source or
Explanation
destination rule entries contain the "any" keyword. Such policies cannot be
edited in the Management Access window. A policy containing the "any"
keyword can create a security risk for the following reasons:
If "any" is associated with source, it allows traffic from any network to
–
enter the router.
Chapter 31 Router Properties
OL-4015-12