Brocade Communications Systems 6650 Switch User Manual


 
Brocade ICX 6650 Security Configuration Guide 7
53-1002601-01
Remote access to management function restrictions
Restricting SNMP access to a specific IP address
To allow SNMP access only to the host with IP address 10.157.22.14, enter the following command.
Brocade(config)# snmp-client 10.157.22.14
Syntax: [no] snmp-client ip-addr | ipv6-addr
Restricting all remote management access to a specific IP address
To allow Telnet and SNMP management access to the Brocade device only to the host with IP
address 10.157.22.69, enter three separate commands (one for each access type) or enter the
following command.
Brocade(config)# all-client 10.157.22.69
Syntax: [no] all-client ip-addr | ipv6-addr
Restricting access to the device based on IP or
MAC address
You can restrict remote management access to the Brocade device, using Telnet, SSH, HTTP, and
HTTPS, based on the connecting client IP or MAC address.
Restricting Telnet connection
You can restrict Telnet connection to a device based on the client IP address or MAC address.
To allow Telnet access to the Brocade device only to the host with IP address 10.157.22.39 and
MAC address 0000.000f.e9a0, enter the following command.
Brocade(config)# telnet client 10.157.22.39 0000.000f.e9a0
Syntax: [no] telnet client ip-addr | ipv6-addr mac-addr
The following command allows Telnet access to the Brocade device to a host with any IP address
and MAC address 0000.000f.e9a0.
Brocade(config)# telnet client any 0000.000f.e9a0
Syntax: [no] telnet client any mac-addr
Restricting SSH connection
You can restrict SSH connection to a device based on the client IP address or MAC address.
To allow SSH access to the Brocade device only to the host with IP address 10.157.22.39 and MAC
address 0000.000f.e9a0, enter the following command.
Brocade(config)# ip ssh client 10.157.22.39 0000.000f.e9a0
Syntax: [no] ip ssh client ip-addr | ipv6-addr mac-addr