6-4
IPv6 Management Security Features
Authorized IP Managers for IPv6
■ You configure each authorized manager address with Manager or Opera-
tor-level privilege to access the switch in a Telnet, SNMPv1, or SNMPv2c
session. (Access privilege for SSH, SNMPv3, and web browser sessions
are configured through the access application, not through the Authorized
IP Managers feature.)
• Manager privilege allows full access to all web browser and console
interface screens for viewing, configuration, and all other operations
available in these interfaces.
• Operator privilege allows read-only access from the web browser and
console interfaces.
■ When you configure station access to the switch using the Authorized IP
Managers feature, the settings take precedence over the access config-
ured with local passwords, TACACS+ servers, RADIUS-assigned settings,
port-based (802.1X) authentication, and port security settings.
As a result, the IPv6 address of a networked management device must be
configured with the Authorized IP Managers feature before the switch can
authenticate the device using the configured settings from other access
security features. If the Authorized IP Managers feature disallows access
to the device, then access is denied. Therefore, with authorized IP man-
agers configured, logging in with the correct passwords is not sufficient
to access a switch through the network unless the station requesting
access is also authorized in the switch’s Authorized IP Managers config-
uration.