Section 19.2.7, Internet – Westermo RedFox Series User Manual
Page 405
Westermo OS Management Guide
Version 4.17.0-0
19.2.7
Management Interface
The operator can manage the switch remotely in several ways: Web (HTTP/HTTPS),
SSH, Telnet, SNMP and WeConfig (using the IPConfig service). As described in
it is possible to completely disable individual management services,
however, there are situations when an operator may wish to limit management
access to a certain network interface or VLAN. WeOS provides a powerful mecha-
nism for controlling access to management services on a per interface basis. An
interface where one or more management services are enabled is referred to as
a management interface.
1 2 3 4
8
7
6
5
Internet
Interface vlan1:
management ssh http https ipconfig snmp
Interface vlan2:
no management
Interface vlan3:
management ssh
WeOS Switch/Router
VLAN 1
VLAN 3
VLAN 2
Figure 19.2: Management service filtering per interface.
gives an example on the flexibility by the management interface feature
in WeOS. The switch has three network interfaces – one for each VLAN. VLAN
1 is the administrator’s local LAN with full management capabilities. VLAN 2
is another local LAN for regular in-house users, from which no management is
allowed. VLAN 3 is used as the upstream connection; in this example SSH is
allowed on this network interface, while other services are disabled.
➞ 2015 Westermo Teleindustri AB
405