Remote access to management function restrictions

Restricting SNMP access to a specific IP address

To allow SNMP access only to the host with IP address 10.157.22.14, enter the following command.

Brocade(config)# snmp-client 10.157.22.14

Syntax: [no] snmp-client ip-addripv6-addr

Restricting all remote management access to a specific IP address

To allow Telnet and SNMP management access to the Brocade device only to the host with IP address 10.157.22.69, enter three separate commands (one for each access type) or enter the following command.

Brocade(config)# all-client 10.157.22.69

Syntax: [no] all-client ip-addripv6-addr

Restricting access to the device based on IP or

MAC address

You can restrict remote management access to the Brocade device, using Telnet, SSH, HTTP, and HTTPS, based on the connecting client IP or MAC address.

Restricting Telnet connection

You can restrict Telnet connection to a device based on the client IP address or MAC address.

To allow Telnet access to the Brocade device only to the host with IP address 10.157.22.39 and MAC address 0000.000f.e9a0, enter the following command.

Brocade(config)# telnet client 10.157.22.39 0000.000f.e9a0

Syntax: [no] telnet client ip-addr ipv6-addr mac-addr

The following command allows Telnet access to the Brocade device to a host with any IP address and MAC address 0000.000f.e9a0.

Brocade(config)# telnet client any 0000.000f.e9a0

Syntax: [no] telnet client any mac-addr

Restricting SSH connection

You can restrict SSH connection to a device based on the client IP address or MAC address.

To allow SSH access to the Brocade device only to the host with IP address 10.157.22.39 and MAC address 0000.000f.e9a0, enter the following command.

Brocade(config)# ip ssh client 10.157.22.39 0000.000f.e9a0

Syntax: [no] ip ssh client ip-addr ipv6-addr mac-addr

Brocade ICX 6650 Security Configuration Guide

7

53-1002601-01

 

Page 27
Image 27
Brocade Communications Systems 6650 manual Restricting access to the device based on IP or MAC address