Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron
171172173174175176177178179180
FastIron Configuration Guide 115
53-1002494-02
Remote access to management function restrictions
NOTE
When snmp-server community is configured, all incoming SNMP packets are validated first by their
community strings and then by their bound ACLs.
Defining the console idle time
By default, a Brocade device does not time out serial console sessions. A serial session remains
open indefinitely until you close it. You can however define how many minutes a serial management
session can remain idle before it is timed out.
NOTE
You must enable AAA support for console commands, AAA authentication, and Exec authorization in
order to set the console idle time.
To configure the idle time for a serial console session, use the following command.
Brocade(config)#console timeout 120
Syntax: [no] console timeout <0 – 240>
Possible values: 0 – 240 minutes
Default value: 0 minutes (no timeout)
NOTE
In RADIUS, the standard attribute Idle-Timeout is used to define the console session timeout value.
The attribute Idle-Timeout value is specified in seconds. Within the switch, it is truncated to the
nearest minute, because the switch configuration is defined in minutes.
Remote access restrictions
By default, a Brocade device does not control remote management access based on the IP address
of the managing device. You can restrict remote management access to a single IP address for the
following access methods:
Telnet access
SSH access
Web management access
SNMP access
In addition, you can restrict all access methods to the same IP address using a single command.
The following examples show the CLI commands for restricting remote access. You can specify only
one IP address with each command. However, you can enter each command ten times to specify
up to ten IP addresses.
NOTE
You cannot restrict remote management access using the Web Management Interface.