ExtremeSwitching (EXOS)

 View Only

 ACL for Web HTTP?

Jump to Best Answer
Zach Networks's profile image
Zach Networks posted 01-27-2022 09:41
I am unable to find any information regarding this. I am trying to setup an ACL to restrict access to the switch ENTIRELY except for the IP for XMC. 

I am unable to figure out how to include the web http module (the EXOS webpage for configuring the switch) 

I'm also curious if this will affect the ability of our captive portal and NAC working - or should that IP be included as allowed as well? Thanks.
Gabriel_G's profile image
Gabriel_G Best Answer
Hi Zach,

There is an article on this here:
https://extremeportal.force.com/ExtrArticleDetail?an=000078659

This will permit/deny access to the EXOS Web GUI itself. Note that this does not apply to SSH/Telnet/SNMP, which have access-profiles of their own, search our user guide or the knowledge base for more details there.

Regarding your XMC/NAC setup, I believe that XMC now does a lot of polling via the switch's RESTAPI, so it's a good idea to allow XMC through. Not 100% sure on NAC, but if your workflows aren't working or you're having issues with enforcing from XMC/NAC, I'd add the NAC IP as well.