Filter
Top Products
Filtering IP Addresses for Management Access
3-73
3
Web – Click Security, ACL, Port Binding. Mark the Enable field for the port you want
to bind to an ACL for ingress or egress traffic, select the required ACL from the
drop-down list, then click Apply.
Figure 3-39. ACL Port Binding
CLI – This examples assigns an IP and MAC ingress ACL to port 1, and an IP
ingress ACL to port 2.
Filtering IP Addresses for Management Access
You can specify the client IP addresses that are allowed management access to the
switch through the web interface, SNMP, or Telnet.
Command Usage
• The management interfaces are open to all IP addresses by default. Once you add
an entry to a filter list, access to that interface is restricted to the specified
addresses.
• If anyone tries to access a management interface on the switch from an invalid
address, the switch will reject the connection, enter an event message in the
system log, and send a trap message to the trap manager.
• IP address can be configured for SNMP, web and Telnet access respectively. Each
of these groups can include up to five different sets of addresses, either individual
addresses or address ranges.
Console(config)#interface ethernet 1/1 4-130
Console(config-if)#ip access-group david in 4-94
Console(config-if)#mac access-group jerry in 4-104
Console(config-if)#exit
Console(config)#interface ethernet 1/2
Console(config-if)#ip access-group david in
Console(config-if)#