Cisco Systems SCE 2000 4xGBE We want to restrict Telnet access to only a few permitted stations

Models: SCE 2000 4xGBE


Chapter 5 Connecting the Management Interfaces and Performing Initial System Configuration

Initial System Configuration

EXAMPLE:

This example illustrates a common access control scenario. Let us assume the following:

• We want to permit every station to access the SCE on the management port (e.g. ping, SNMP polling, etc.).

• We want to restrict Telnet access to only a few permitted stations.

We therefore need to create two access control lists:

• For general IP access: permit access to all IP addresses.

• For Telnet: permit access to the specified IP address, and deny to all others.

ACL #1 = permit any IP address. Assign to IP access.

ACL #2 = permit access to 10.1.1.0, 10.10.10.1, deny to all others. Assign to Telnet access.

Would you like to enter the Access lists configuration menu? [no]: y

Would you like create new Access lists or modify existing lists? [no]: y

Enter ACL number: 1

Does this entry permit access? [yes]:

Enter IP address or the word ‘any’ to denote any IP address: any

This entry matches every IP address, no use in adding more entries to this list.

Would you like to configure another list? [no]: y

Enter ACL number: 2

Does this entry permit access? [yes]:

Enter IP address or the word ‘any’ to denote any IP address: 10.1.1.0

Enter wildcard bits: 0.0.0.0

Would you like to add another entry to this list? [no]:y

Does this entry permit access? [yes]:

Enter IP address or the word ‘any’ to denote any IP address: 10.10.10.1

Enter wildcard bits: 0.0.0.0

Would you like to add another entry to this list? [no]:y

Does this entry permit access? [yes]:n

Enter IP address or the word ‘any’ to denote any IP address: any

This entry matches every IP address, no use in adding more entries to this list.

Would you like to configure another list? [no]:

Enter IP access-class [0]: 1

Enter Telnet access-class [0]: 2
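
The following Python sketch is an added example, not part of the Cisco guide. It evaluates the two ACLs entered in the dialog above, assuming standard Cisco wildcard semantics (a 1 bit in the wildcard means that bit is ignored), first-match ordering, and deny when no entry matches. It shows that 10.1.1.0 with wildcard bits 0.0.0.0 permits only the single host 10.1.1.0; ACL_2_SUBNET is a constructed variant included for contrast.

```python
import ipaddress


def _to_int(addr):
    """Dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))


def entry_matches(source, address, wildcard):
    """True if source equals address on every bit where the wildcard bit is 0."""
    if address == "any":
        return True
    care = ~_to_int(wildcard) & 0xFFFFFFFF  # bits that must match
    return (_to_int(source) & care) == (_to_int(address) & care)


def acl_permits(acl, source):
    """First matching entry decides; no match is treated as deny (assumption)."""
    for permit, address, wildcard in acl:
        if entry_matches(source, address, wildcard):
            return permit
    return False


# ACLs exactly as entered in the dialog: (permit?, address, wildcard bits)
ACL_1 = [(True, "any", None)]
ACL_2 = [
    (True, "10.1.1.0", "0.0.0.0"),
    (True, "10.10.10.1", "0.0.0.0"),
    (False, "any", None),
]

# Constructed variant, not from the guide: 0.0.0.255 ignores the last octet,
# so the first entry covers the whole 10.1.1.x range instead of one host.
ACL_2_SUBNET = [(True, "10.1.1.0", "0.0.0.255")] + ACL_2[1:]


def access_report(source, telnet_acl=ACL_2):
    """IP access-class is ACL 1; Telnet access-class is ACL 2 (or a variant)."""
    return {
        "ip": acl_permits(ACL_1, source),
        "telnet": acl_permits(telnet_acl, source),
    }


if __name__ == "__main__":
    # Constructed sample source addresses
    for src in ("10.1.1.0", "10.1.1.25", "10.10.10.1", "192.0.2.7"):
        print(src, access_report(src), access_report(src, ACL_2_SUBNET))
```
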

EXAMPLE 2:

This example skips the first section of the dialog (creating/modifying), and proceeds directly to assign existing ACLs.

Would you like to enter the Access lists configuration menu? [no]: y

Would you like create new Access lists or modify existing lists? [no]:

Enter IP access-class [0]: 10

Enter Telnet access-class [0]: 22

SCE 2000 4xGBE Installation and Configuration Guide

5-16

OL-7824-02