How i can enable access list using only mac address to ssh login
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 03:07 AM
Hello
i would like to enable access list using mac address of certain PC
i am asking because i used the same code of access list using only ip address
i used this code
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } } and it didnt work still eny pc can login using ssh i did refresh policy cammand still the same problem
i would like to enable access list using mac address of certain PC
i am asking because i used the same code of access list using only ip address
i used this code
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } } and it didnt work still eny pc can login using ssh i did refresh policy cammand still the same problem
21 REPLIES 21
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-23-2017 05:59 PM
The pc and vlan have the same subnet
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-18-2017 05:16 AM
Hi,
is the PC in the same subnet as the switch? Otherwise the connection will be across a router (or layer 3 switch) and the MAC address seen at the switch you want to log into is the router's MAC address.
Anyway, I am not sure that if you can use a MAC address match for the SSH access profile. The command reference says:
Erik
is the PC in the same subnet as the switch? Otherwise the connection will be across a router (or layer 3 switch) and the MAC address seen at the switch you want to log into is the router's MAC address.
Anyway, I am not sure that if you can use a MAC address match for the SSH access profile. The command reference says:
Match conditions:The GTAC Knowledge articles pertaining to an SSH access profile mention IP addresses only as well:
- Source-address—IPv4 and IPv6
- Actions—Permit or Deny
- How To Create an ACL on an XOS Switch for SSH2 Service Access
- How do you restrict SSH access to an IP addresses range?
Erik
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 07:02 AM
my switches are X250e-48pt i update the firmware from 12.5.4.5 to 15.3.5.2 and i install ssh moudel to install ssh is it related or something
and thanks for help
Best
and thanks for help
Best
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:36 AM
Hm....that's strange. You should log a case with GTAC and have them look into the switch. I am sure it is just a small thing that needs to be changed. They could have a remote session with you and figure it out.