Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

1028

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

16

•

Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point

•

Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000

•

Service Platforms — Brocade Mobility RFS9510

Syntax:

restrict-access [host|ip-access-list|subnet]

restrict-access host {|log|subnet}

restrict-access host {|log [all|denied-only]}

restrict-access host {subnet {|log [all|denied-only]}}

restrict-access ip-access-list

restrict-access subnet {|host|log}

restrict-access subnet {|log [all|denied-only]}

restrict-access subnet {host {log [all|denied-only]}}

Parameters

restrict-access host {|log [all|denied-only]}

restrict-access host {subnet {|log [all|denied-only]}}

restrict-access ip-access-list

host

Restricts management access to a specified host. Filters access requests based on a host’s IP address

•

– Specify the host’s IP address.

Optional. Use this option to add multiple hosts, if required, to the restrict access list.

log
[all|denied-only]

Optional. Configures a logging policy for access requests. Sets the log type generated for access requests

•

all – Logs all access requests, both denied and permitted

•

denied-only – Logs only denied access (when an access request is received from a host denied
access, a record is logged)

host

Restricts management access to a specified host. Uses the IP address of a host to filter access requests

•

– Specify the host’s IP address.

subnet

Optional. Restricts access to the host on a specified subnet. Uses a subnet IP address as a second filter
option

•

– Sets the subnet IP address in the A.B.C.D/M format

Optional. Use this option to add multiple subnets, if required, to the restrict access list.

log [all|denied-only]

Optional. Configures a logging policy for access requests. Sets the log type generated for access requests

•

all – Logs all access requests, both denied and permitted

•

denied-only – Logs only denied access (when an access request is received from a host denied
access, a record is logged)

ip-access-list

Uses an IP access list to filter access requests
IP based firewalls function like Access Control Lists (ACLs) to filter/mark packets based on the IP from
which they arrive, as opposed to filtering packets on layer 2 ports. IP firewalls implement uniquely defined
access control policies. To have effective firewalls, you need to have a clear idea of the kind of access to
allow or deny. A poorly defined firewall is of little value, and could provide a false sense of network
security.

Sets the access list name