ACL policy to restrict telnet is not working as desirable

Francisco_LeitĆ£
New Contributor
I'm new to using Extreme switches. I have configured the following ACL policy to allow only the networks listed in the policy to connect by telnet to the switch, a model X480-24X running ExtremeXOS version 15.6.4.2. However, only the host with IP address 200.20.76.42 is connecting; the others are being rejected.
Has anyone ever faced this problem?

Entry AllowTheseSubnets {
if match any{
source-address 200.20.76.42 /32;
source-address 187.111.111.5 /32;
source-address 200.20.66.176 /27;
}
then
{
permit ;
}
}

Thanks in advance

6 REPLIES

Joe_Sheldon_
New Contributor
The policy I use without issue is similar to:

Switch1.4 # sh policy telnet
Policies at Policy Server:
Policy: telnet
entry telnet {
if match any {
source-address 12.34.56.78/32 ;
source-address 12.34.56.79/32 ;
source-address 12.34.56.80/32 ;
source-address 12.34.56.81/32 ;
source-address 12.34.56.82/32 ;
source-address 12.34.54.0/24 ;
source-address 12.34.55.0/24 ;
}
then {
permit ;
}
}

StephenW
Extreme Employee
Make one entry per source address.

Entry AllowTheseSubnets1 {
if match any{
source-address 200.20.76.42 /32;
}
then{
permit ;
}}

Entry AllowTheseSubnets2 {
if match any{
source-address 187.111.111.5 /32;
}
then{
permit ;
}}

Entry AllowTheseSubnets3 {
if match any{
source-address 200.20.66.176 /27;
}
then{
permit ;
}}
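
Added example, not part of any post in this thread: a small Python check that parses the policy from the question, reports any source-address whose address has host bits set for its prefix length, and rewrites the policy as one entry per source address as suggested in the reply above. The function names are hypothetical, the output uses the address/prefix spacing of the working policy quoted earlier in the thread, and whether host bits or spacing affect matching on ExtremeXOS is not established here.

```python
import ipaddress
import re

# Policy text from the original question, embedded as sample input.
POLICY = """\
Entry AllowTheseSubnets {
if match any{
source-address 200.20.76.42 /32;
source-address 187.111.111.5 /32;
source-address 200.20.66.176 /27;
}
then
{
permit ;
}
}
"""

ENTRY_RE = re.compile(r"entry\s+(\S+)\s*\{", re.IGNORECASE)
SRC_RE = re.compile(r"source-address\s+([0-9.]+)\s*/\s*(\d+)\s*;")

def parse_sources(policy):
    """Return (entry_name, [(address, prefix_len), ...]) for a single-entry policy."""
    m = ENTRY_RE.search(policy)
    if m is None:
        raise ValueError("no entry block found")
    return m.group(1), [(a, int(p)) for a, p in SRC_RE.findall(policy)]

def lint(sources):
    """List prefixes whose address has host bits set, with the network they cover."""
    findings = []
    for addr, plen in sources:
        net = ipaddress.ip_network(f"{addr}/{plen}", strict=False)
        if str(net.network_address) != addr:
            findings.append((f"{addr}/{plen}", str(net)))
    return findings

def split_entries(name, sources):
    """Emit one numbered entry per source address (assumed naming: name + index)."""
    blocks = []
    for i, (addr, plen) in enumerate(sources, 1):
        blocks.append(
            f"entry {name}{i} {{\nif match any {{\nsource-address {addr}/{plen} ;\n}}\n"
            "then {\npermit ;\n}\n}\n")
    return "\n".join(blocks)

if __name__ == "__main__":
    name, sources = parse_sources(POLICY)
    for written, covers in lint(sources):
        print(f"note: {written} has host bits set; as a prefix it covers {covers}")
    print(split_entries(name, sources))
```
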
