Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron

171

172

173

174

175

176

177

178

179

180

FastIron Configuration Guide 117

53-1002494-02

Remote access to management function restrictions

Restricting access to the device based on IP or

MAC address

You can restrict remote management access to the Brocade device, using Telnet, SSH, HTTP, and

HTTPS, based on the connecting client IP or MAC address.

Restricting Telnet connection

You can restrict Telnet connection to a device based on the client IP address or MAC address.

To allow Telnet access to the Brocade device only to the host with IP address 209.157.22.39 and

MAC address 0007.e90f.e9a0, enter the following command.

Brocade(config)#telnet client 209.157.22.39 0007.e90f.e9a0

Syntax: [no] telnet client <ip-addr> | <ipv6-addr> <mac-addr>

NOTE

For FCX devices, this feature applies only to IPv4 clients.

The following command allows Telnet access to the Brocade device to a host with any IP address

and MAC address 0007.e90f.e9a0.

Brocade(config)#telnet client any 0007.e90f.e9a0

Syntax: [no] telnet client any <mac-addr>

Restricting SSH connection

You can restrict SSH connection to a device based on the client IP address or MAC address.

To allow SSH access to the Brocade device only to the host with IP address 209.157.22.39 and

MAC address 0007.e90f.e9a0, enter the following command.

Brocade(config)#ip ssh client 209.157.22.39 0007.e90f.e9a0

Syntax: [no] ip ssh client <ip-addr> | <ipv6-addr> <mac-addr>

To allow SSH access to the Brocade device to a host with any IP address and MAC address

0007.e90f.e9a0, enter the following command.

Brocade(config)#ip ssh client any 0007.e90f.e9a0

Syntax: [no] ip ssh client any <mac-addr>

Restricting HTTP and HTTPS connection

You can restrict an HTTP or HTTPS connection to a device based on the client IP address or MAC

address.

To allow HTTP and HTTPS access to the Brocade device only to the host with IP address

209.157.22.40 and MAC address 0007.e90f.ab1c, enter the following command.

Brocade(config)#web client 209.157.22.40 0007.e90f.ab1c

Syntax: [no] web client <ip-addr> | <ipv6-addr> <mac-addr>

The following command allows HTTP and HTTPS access to the Brocade device to a host with any IP

address and MAC address 0007.e90f.10ba.