Securing Access to Management Functions
December 2000
3 - 3
Restricting Remote Access to Management Functions
You can restrict access to management functions from remote sources, including Telnet, the Web management
interface, and SNMP. The following methods for restricting remote access are supported:
•
Using ACLs to restrict Telnet, Web management interface, or SNMP access
•
Allowing remote access only from specific IP addresses
•
Allowing remote access only to clients connected to a specific VLAN
•
Specifically disabling Telnet, Web management interface, or SNMP access to the device
The following sections describe how to restrict remote access to a Foundry device using these methods.
Web management access
SNMP read or read-
write community
strings
Regulate Web management access using
ACLs
3-4
Allow Web management access only from
specific IP addresses
3-6
Allow Web management access only to clients
connected to a specific VLAN
3-7
Disable Web management access
3-7
Set up local user accounts
3-12
Establish SNMP read or read-write community
strings
3-14
Configure TACACS/ security
3-18
Configure RADIUS security
3-33
SNMP (IronView) access
SNMP read or read-
write community
strings and the
password to the Super
User privilege level
Note
: SNMP read or
read-write community
strings are always
required for SNMP
access to the device.
Regulate SNMP access using ACLs
3-5
Allow SNMP access only from specific IP
addresses
3-6
Disable SNMP access
3-8
Allow SNMP access only to clients connected
to a specific VLAN
3-7
Establish passwords to management levels of
the CLI
3-10
Set up local user accounts
3-12
Establish SNMP read or read-write community
strings
3-14
TFTP access
Not secured
Allow TFTP access only to clients connected
to a specific VLAN
3-7
Table 3.1: Ways to secure management access to Foundry devices (Continued)
Access method
How the access
method is secured
by default
Ways to secure the access method
See
page
Summary of Contents for Switch and Router
Page 2: ...December 2000 Copyright 2000 by Foundry Networks Inc ...
Page 26: ...Foundry Switch and Router Installation and Configuration Guide xxvi December 2000 ...
Page 64: ...Foundry Switch and Router Installation and Configuration Guide 2 34 December 2000 ...
Page 162: ...Foundry Switch and Router Installation and Configuration Guide 5 38 December 2000 ...
Page 196: ...Foundry Switch and Router Installation and Configuration Guide 6 34 December 2000 ...
Page 208: ...Foundry Switch and Router Installation and Configuration Guide 7 12 December 2000 ...
Page 236: ...Foundry Switch and Router Installation and Configuration Guide 8 28 December 2000 ...
Page 258: ...Foundry Switch and Router Installation and Configuration Guide 9 22 December 2000 ...
Page 420: ...Foundry Switch and Router Installation and Configuration Guide 13 32 December 2000 ...
Page 442: ...Foundry Switch and Router Installation and Configuration Guide 14 22 December 2000 ...
Page 554: ...Foundry Switch and Router Installation and Configuration Guide 15 112 December 2000 ...
Page 574: ...Foundry Switch and Router Installation and Configuration Guide 16 20 December 2000 ...
Page 626: ...Foundry Switch and Router Installation and Configuration Guide 17 52 December 2000 ...
Page 682: ...Foundry Switch and Router Installation and Configuration Guide 18 56 December 2000 ...
Page 826: ...Foundry Switch and Router Installation and Configuration Guide 20 20 December 2000 ...
Page 994: ...Foundry Switch and Router Installation and Configuration Guide 26 10 December 2000 ...
Page 1004: ...Foundry Switch and Router Installation and Configuration Guide B 6 December 2000 ...
Page 1044: ...Foundry Switch and Router Installation and Configuration Guide C 40 December 2000 ...
Page 1048: ...Foundry Switch and Router Installation and Configuration Guide D 4 December 2000 ...
Page 1070: ...Foundry Switch and Router Installation and Configuration Guide Index 18 December 2000 ...