beautypg.com

Changing management access – Amer Networks E5Web GUI User Manual

Page 60

background image

Note: Output buffer limitations

The only limitation with issuing CLI commands through the serial console is that there is
a finite buffer allocated for output. This buffer limit means that a large volume of
console output may be truncated. This happens rarely and usually only with data
dumps from certain diagnostic commands. In such cases it is better to issue the
commands using an SSH client instead.

2.1.8. Changing Management Access

Management HTTP/HTTPS and SSH access to cOS Core is allowed by default from the IPv4
network 192.168.1.0/24 which is routed on the default management interface. The default
management interface chosen by cOS Core can be different depending on the hardware and is
usually the first one found by cOS Core when the available interfaces are first scanned on initial
startup. cOS Core assigns the default IPv4 address 192.168.1.1 to this interface.

In general, management access depends on two factors:

What kind of access the configuration's remote management rules allow. This decides the
interface on which management access is allowed, which protocol is allowed and from which
IP range.

The IP address assigned to a management interface. This IP address can be changed as long
as the new IP belongs to the network allowed by the relevant remote management rule.

The Default Remote Management Rules

In the default cOS Core configuration, the following remote management rule objects already
exist:

A RemoteMgmtHTTP object called rmgmt_http controls HTTP and HTTPS access through the
Web Interface. By default, both HTTP and HTTPS are allowed from the 192.168.1.0/24 network
on the default management interface.

A RemoteMgmtSSH object called rmgmt_ssh controls SSH access using the CLI. This is
enabled by default and allows SSH access from the 192.168.1.0/24 network on the default
management interface.

For other types of access such as using NetCon for InControl and SNMP, additional objects for
remote access must be created.

Preventing Loss of Management Access

When the IP address of the management interface or a remote management rule is changed,
there is a risk that the change can prevent further management access. cOS Core prevents this in
the following ways:

Changes made through the Web Interface

For configuration changes to the Web Interface, there is a delay after performing a Save and
Activate operation (the default is 30 seconds) followed by an automatic check that the web
browser and cOS Core can still communicate. If communication is lost after the delay, the
original configuration is restored.

Chapter 2: Management and Maintenance

60

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: