Quick Reference Guide
PowerConnect B-Series TI24X Configuration Guide 857
53-1002269-02
Restricting remote access to management functions
26
Restricting remote access to management functions
You can restrict access to management functions from remote sources, including Telnet, , and
SNMP. The following methods for restricting remote access are supported:
• Using ACLs to restrict Telnet, or SNMP access
• Allowing remote access only from specific IP addresses
• Allowing Telnet and SSH access only from specific MAC addresses
• Allowing remote access only to clients connected to a specific VLAN
• Specifically disabling Telnet, or SNMP access to the device
The following sections describe how to restrict remote access to a device using these methods.
Using ACLs to restrict remote access
You can use standard ACLs to control the following access methods to management functions on a
device:
• Telnet
• SSH
• SNMP
Consider the following to configure access control for these management access methods.
1. Configure an ACL with the IP addresses you want to allow to access the device.
2. Configure a Telnet access group, SSH access group, and SNMP community strings. Each of
these configuration items accepts an ACL as a parameter. The ACL contains entries that
identify the IP addresses that can use the access method.
The following sections present examples of how to secure management access using ACLs. Refer
to Chapter 13, “Configuring Rule-Based IP Access Control Lists” for more information on
configuring ACLs.
Using an ACL to restrict Telnet access
To configure an ACL that restricts Telnet access to the device, enter commands such as the
following.
TFTP access Not secured Allow TFTP access only to clients connected to a
specific VLAN
page 862
Disable TFTP access page 865
TABLE 135 Ways to secure management access to devices (Continued)
Access method How the access
method is secured
by default
Ways to secure the access method See page