Using Authorized IP Managers

Overview

Overview

Authorized IP Manager Features

Feature

Default

Menu

CLI

Web

 

 

 

 

 

Listing (Showing) Authorized

n/a

page 10-5

page 10-6

page 10-9

Managers

 

 

 

 

Configuring Authorized IP

None

page 10-5

page 10-6

page 10-9

Managers

 

 

 

 

Building IP Masks

n/a

page 10-9

page 10-9

page 10-9

Operating and Troubleshooting

n/a

page 10-12

page 10-12

page 10-12

Notes

 

 

 

 

 

 

 

 

 

The Authorized IP Managers feature uses IP addresses and masks to determine which stations (PCs or workstations) can access the switch through the network. This covers access through the following means:

Telnet and other terminal emulation applications

The switch’s web browser interface

SNMP (with a correct community name)

Also, when configured in the switch, the Authorized IP Managers feature takes precedence over local passwords, TACACS+, RADIUS, Port-Based Access Control (802.1X), and Port Security. This means that the IP address of a networked management device must be authorized before the switch will attempt to authenticate the device by invoking other access security features. If the Authorized IP Managers feature disallows access to the device, then access is denied. Thus, with authorized IP managers configured, having the correct passwords is not sufficient for accessing the switch through the network unless the station attempting access is also included in the switch’s Authorized IP Managers configuration.

You can use Authorized IP Managers along with other access security features to provide a more comprehensive security fabric than if you use only one or two security options. Refer to table 1-1, “Management Access Security Protec- tion” (page 1-4) for a listing of access security features with the security coverage they provide.

10-2