Restricting source ips access to management, Configuring acl through the cli – Panasonic 7 User Manual
Page 44
Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".
44 Chapter 2 Getting started
Restricting source IPs access to management
You are able to filter management access of source IP addresses. Access Lists
(ACLs) restrict connection of designated source IPs for management purposes
over HTTP, FTP, TELNET and SNMP. Management traffic is intercepted and if
the destination is System and the packet is for one of the four services above, the
source IP address is matched against the ACL that is set for the particular service.
If no ACL is defined for HTTP, for example, then http traffic is permited for any
IP address that comes as a source address in the packet.
The IP address of a source client is logged in the syslog output whether the logon
connection attempt is successful or not.
Configuring ACL through the CLI:
Use the following commands to configure ACL in CLI:
To set an ACL for HTTP, enter the following NNCLI command:
CES(config)#
http access-list
To remove an ACL for HTTP, enter the following command:
CES(config)
#no http access-list
To set an ACL for FTP, enter the following NNCLI command:
CES(config)
#ftp-server access-list
To remove an ACL for FTP, enter the following command:
CES(config)#
no ftp-server access-list
To set an ACL for SNMP, enter the following NNCLI command:
CES(config)
#s^mp-server access-list
To remove an ACL for SNMP, enter the following command:
CES(config)
#no sn^p-server access-list
NN46110-500