How i can enable access list using only mac address to ssh login
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 03:07 AM
Hello
i would like to enable access list using mac address of certain PC
i am asking because i used the same code of access list using only ip address
i used this code
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } } and it didnt work still eny pc can login using ssh i did refresh policy cammand still the same problem
i would like to enable access list using mac address of certain PC
i am asking because i used the same code of access list using only ip address
i used this code
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; } } and it didnt work still eny pc can login using ssh i did refresh policy cammand still the same problem
21 REPLIES 21
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:15 AM
entry DenyAllIngress{
if {
} then {
deny;
}
}
if {
} then {
deny;
}
}
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:12 AM
i pasted here wrong but in the cli it's correcct 🙂
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:09 AM
There is one brace to much at the bottom
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 06:03 AM
entry AllowManagementIP { if match any { ethernet-source-address F8:A7:BC:E0:D1:AE; } then { permit; }
deny ;
} }
Error again what should i do !!
deny ;
} }
Error again what should i do !!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-17-2017 05:55 AM
As I said. Leave the "all" away.
