This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

How i can enable access list using ip address to ssh login

How i can enable access list using ip address to ssh login

Adnan
New Contributor

‎07-30-2017 03:55 AM

hello
i am facing a problem when i am using ACL for SSH using this code it deny all the ip addresses to login using ssh

other question what is the differnce between source-address and destination-address

because i saw alot of people in the community posting using source-address and destination-address to login for ssh how come !!!

entry AllowManagementIP { if match any { source-address 10.10.10.252/32; } then { permit; } }
0 Kudos
2 REPLIES 2

Sushruth_Sathya
Extreme Employee

‎08-01-2017 04:34 AM

Hi Adnan,

When you configure an ACL for an access profile, in this case - the SSH access profile, there is an implicit deny entry. This means, other than the traffic explicitly allowed (10.10.10.252/32), all other SSH access will be denied.
0 Kudos

Ram3
Extreme Employee

‎07-30-2017 04:43 AM

Please see the below provided knowledge base articles for your reference:

https://gtacknowledge.extremenetworks.com/articles/Q_A/SSH-Access-Profile

https://gtacknowledge.extremenetworks.com/articles/How_To/Create-an-ACL-on-an-XOS-switch-for-SSH2-se...

https://gtacknowledge.extremenetworks.com/articles/Q_A/SSH-Access-Profile/?_ga=2.14544561.780693609....

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-restrict-telnet-access

1. Source-address is where the traffic originating from, like a end user/device (host).
2. Destination-address is where the user traffic destined to communicate (send the data to an end point).

li.common.scroll-to.top
GTM-P2G8KFN