HP9300(config)# access-list 30 deny 220.127.116.11 0.0.0.255 log
HP9300(config)# access-list 30 deny 18.104.22.168/24 log
HP9300(config)# access-list 30 permit any
HP9300(config)# snmp-server community public ro 25
HP9300(config)# snmp-server community private rw 30
HP9300(config)# write memory
Syntax: snmp-server community <string> ro | rw <num>
The <string> parameter specifies the SNMP community string the user must enter to gain SNMP access.
The ro parameter indicates that the community string is for read-only ("get") access. The rw parameter indicates
the community string is for read-write ("set") access.
The <num> parameter specifies the number of a standard ACL and must be from 1 – 99.
These commands configure ACLs 25 and 30, then apply the ACLs to community strings.
ACL 25 is used to control read-only access using the "public" community string. ACL 30 is used to control read
write access using the "private" community string.
Restricting Remote Access to the Device to Specific IP Addresses
By default, an HP device does not control remote management access based on the IP address of the managing
device. You can restrict remote management access to a single IP address for the following access methods:
Web management access
In addition, if you want to restrict all three access methods to the same IP address, you can do so using a single
The following examples show the CLI commands for restricting remote access. You can specify only one IP
address with each command. However, you can enter each command ten times to specify up to ten IP addresses.
NOTE: You cannot restrict remote management access using the Web management interface.
Restricting Telnet Access to a Specific IP Address
To allow Telnet access to the HP device only to the host with IP address 22.214.171.124, enter the following
HP9300(config)# telnet-client 126.96.36.199
Syntax: [no] telnet-client <ip-addr>
Restricting Web Management Access to a Specific IP Address
To allow Web management access to the HP device only to the host with IP address 188.8.131.52, enter the
HP9300(config)# web-client 184.108.40.206
Syntax: [no] web-client <ip-addr>
Restricting All Remote Management Access to a Specific IP Address
To allow Telnet, Web, and SNMP management access to the HP device only to the host with IP address
220.127.116.11, you can enter three separate commands (one for each access type) or you can enter the following
HP9300(config)# all-client 18.104.22.168
Syntax: [no] all-client <ip-addr>
3 - 5