This command specifies the client IP addresses that are allowed
management
management access to the switch through various protocols. Use the no
form to restore the default setting.
S
YNTAX
[no] management {all-client | http-client | snmp-client |
D
EFAULT
All addresses
C
OMMAND
Global Configuration
C
OMMAND
If anyone tries to access a management interface on the switch from an
◆
invalid address, the switch will reject the connection, enter an event
message in the system log, and send a trap message to the trap
manager.
IP address can be configured for SNMP, web, and Telnet access
◆
respectively. Each of these groups can include up to five different sets
of addresses, either individual addresses or address ranges.
When entering addresses for the same group (i.e., SNMP, web, or
◆
Telnet), the switch will not accept overlapping address ranges. When
entering addresses for different groups, the switch will accept
overlapping address ranges.
◆
You cannot delete an individual address from a specified range. You
must delete the entire range, and reenter the addresses.
You can delete an address range just by specifying the start address, or
◆
by specifying both the start address and end address.
E
XAMPLE
This example restricts management access to the indicated addresses.
Console(config)#management all-client 192.168.1.19
Console(config)#management all-client 192.168.1.25 192.168.1.30
Console#
telnet-client} start-address [end-address]
all-client - Adds IP address(es) to all groups.
http-client - Adds IP address(es) to the web group.
snmp-client - Adds IP address(es) to the SNMP group.
telnet-client - Adds IP address(es) to the Telnet group.
start-address - A single IP address, or the starting address of a
range.
end-address - The end address of a range.
S
ETTING
M
ODE
U
SAGE
– 705 –
| Authentication Commands
C
27
HAPTER
Management IP Filter