Restricting Telnet Access - HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual
Secure router
Hide thumbs
Also See for ProCurve Secure Router 7203 dl:
- Configuration manual (1114 pages) ,
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Applying Access Control to Router Interfaces
Using ACLs Alone to Configure Access Control
5-22
In this ACL, the first entry permits HTTP traffic from network 192.168.1.0 /24,
and the second entry permits HTTP traffic from network 192.168.115.0 /24.
Because each ACL contains an implicit "deny any" at the end of the list, this
will be the only HTTP traffic that is allowed to access the Web browser
interface once the ACL is applied to the router.
To apply the ACL that controls HTTP access to the router, enter the following
command from the global configuration mode context:
Syntax: ip http access-class <listname> in
For example, if you wanted to apply an ACL called webaccess, you would
enter:
ProCurve(config)# ip http access-class webaccess in
Restricting Telnet Access
Restricting Telnet access to the router is similar to restricting access to an
interface. You configure an ACL and then apply that ACL to the appropriate
Telnet line configuration mode context. To restrict Telnet access, however,
you must configure a standard ACL. From the Telnet line configuration mode
context, enter:
Syntax: access-class <listname> in
For example, to control access to Telnet line 0, you must move to the Telnet
line 0 configuration mode context and then apply the Telnet ACL to incoming
Telnet traffic:
ProCurve(config)# line telnet 0
ProCurve(config-telnet0)# access-class Telnet in
If you assign the ACL to only one Telnet line but you have configured a
password for other lines, the hosts that you want to block may gain access. If
a host is denied access to one Telnet line, the Secure Router OS will assign the
host to the next available Telnet line.
Unless you only want to restrict access on a single Telnet line, you must apply
the standard ACL to all of the Telnet lines that you have enabled on the router.
If you want use the Telnet ACL to control access to all five Telnet lines, you
would enter:
ProCurve(config)# line telnet 0 4
ProCurve(config-telnet0-4)# access-class Telnet in
Advertisement
Chapters
Table of Contents
Troubleshooting
