Table of Contents
Advertisement
Restricting Web Management Access to a Specific VLAN
To allow Web management access only to clients in a specific VLAN, enter a command such as the following:
BigIron(config)# web-management enable vlan 10
The command in this example configures the device to allow Web management access only to clients connected
to ports within port-based VLAN 10. Clients connected to ports that are not in VLAN 10 are denied management
access.
Syntax: [no] web-management enable vlan <vlan-id>
Restricting SNMP Access to a Specific VLAN
To allow SNMP access only to clients in a specific VLAN, enter a command such as the following:
BigIron(config)# snmp-server enable vlan 40
The command in this example configures the device to allow SNMP access only to clients connected to ports
within port-based VLAN 40. Clients connected to ports that are not in VLAN 40 are denied access.
Syntax: [no] snmp-server enable vlan <vlan-id>
Restricting TFTP Access to a Specific VLAN
To allow TFTP access only to clients in a specific VLAN, enter a command such as the following:
BigIron(config)# tftp client enable vlan 40
The command in this example configures the device to allow TFTP access only to clients connected to ports within
port-based VLAN 40. Clients connected to ports that are not in VLAN 40 are denied access.
Syntax: [no] tftp client enable vlan <vlan-id>
Disabling Specific Access Methods
You can specifically disable the following access methods:
•
Telnet access
•
Web management access
•
SNMP access
NOTE: If you disable Telnet access, you will not be able to access the CLI except through a serial connection to
the management module. If you disable SNMP access, you will not be able to use IronView or third-party SNMP
management applications.
Disabling Telnet Access
Telnet access is enabled by default. You can use a Telnet client to access the CLI on the device over the network.
If you do not plan to use the CLI over the network and want to disable Telnet access to prevent others from
establishing CLI sessions with the device, enter the following command:
BigIron(config)# no telnet-server
To re-enable Telnet operation, enter the following command:
BigIron(config)# telnet-server
Syntax: [no] telnet-server
Disabling Web Management Access
If you want to prevent access to the device through the Web management interface, you can disable the Web
management interface.
December 2000
Securing Access to Management Functions
3 - 7
- Quick Links:
- Configuring Ip Addresses
Hide quick links:
Advertisement
Chapters
Table of Contents
