Restricting telnet access to a specific ip address, Restricting ssh access to a specific ip address – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual
Page 28
10
Multi-Service IronWare Security Configuration Guide
53-1003035-02
Restricting remote access to management functions
1
Possible values: 0 – 240 minutes
Default value: 0 minutes (no timeout)
NOTE
The standard for the idle-timeout RADIUS attribute is for it to be implemented in seconds as opposed
to the minutes that the Brocade device uses. If this attribute is used for setting idle time instead of
this configuration, the value from the idle-timeout RADIUS attribute will be converted from seconds
to minutes and truncated to the nearest minute.
Restricting remote access to the device to
specific IP addresses
By default, a Brocade device does not control remote management access based on the IP address
of the managing device. You can restrict remote management access to a single IP address for the
following access methods:
•
Telnet access
•
Web management access
•
SNMP access
•
SSH access
In addition, if you want to restrict all three access methods to the same IP address, you can do so
using a single command.
The following examples show the CLI commands for restricting remote access. You can specify only
one IP address with each command. However, you can enter each command ten times to specify
up to ten IP addresses.
NOTE
You cannot restrict remote management access using the Web Management Interface.
Restricting Telnet access to a specific IP address
To allow Telnet access to the Brocade device only to the host with IP address 10.157.22.39, enter
the following command.
Brocade(config)# telnet client 10.157.22.39
Syntax: [no] telnet client ip-addr
Restricting SSH access to a specific IP address
To allow SSH access to the Brocade device only to the host with IP address 10.157.22.39, enter the
following command.
Brocade(config)# ip ssh client 10.157.22.39
Syntax: [no] ip ssh client ip-addr