How i can enable access list using only mac address to ssh login
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 03:07 AM
Hello
i would like to enable access list using mac address of certain PC
i am asking because i used the same code of access list using only ip address
i used this code
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } } and it didnt work still eny pc can login using ssh i did refresh policy cammand still the same problem
i would like to enable access list using mac address of certain PC
i am asking because i used the same code of access list using only ip address
i used this code
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } } and it didnt work still eny pc can login using ssh i did refresh policy cammand still the same problem
21 REPLIES 21
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:33 AM
yes and still can login with other pc
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:30 AM
Did you enable ssh2 to use the access-profile?
enable ssh2 access-profile ssh2-acl
enable ssh2 access-profile ssh2-acl
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:26 AM
i am using it to ssh login
using this cammand
config ssh2 access-profile ssh2-acl
using this cammand
config ssh2 access-profile ssh2-acl
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:23 AM
Did you assign the policy to the ingress port?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:21 AM
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } }entry DenyAllIngress{
if {
} then {
deny;
}
}
still can login with other pc
if {
} then {
deny;
}
}
still can login with other pc