Extreme Networks

jaime_quintana · ‎03-16-2015

How to enable telnet for specific IPS
for example for ip 167.28.170.99 & 167.28.137.57

Bill_Stritzinge · ‎03-16-2015

Yes, but make sure you use the correct indents as in the documentation. For the example you gave, the two IP addresses would be allowed like this... (assume your addresses are /24 - Match CIDR..)

MyAccessProfile.pol entry AllowTheseSubnets { if match any { source-address 167.28.170.99 /24; source-address 167.28.137.57 /24; } then { permit; } }
Once you create the file and copy to the switch, use the command "check policy MyAccessProfile" to make sure the format for the file is correct. The above will only let those two addresses access telnet. Once you create the file you can use that with SSH and SNNMP too.

Bill

jaime_quintana · ‎03-16-2015

Thank Bill

Bill_Stritzinge · ‎03-16-2015

Jamie,

The best and most secure way to do this is to create a access profile that includes all of the specific IP's of stations you want to be able to telnet from. Once you create the profile (really just an ACL) you can then apply that to Telnet, SSH or SNMP.. Here is a link to the instructions..

http://documentation.extremenetworks.com/exos/EXOS_All/Switch_Management/c_access-profile-logging-fo...

Bill

jaime_quintana · ‎03-16-2015

something like this:

Telnet_2.pol

entry AllowTheseSubnets {
if match any {
source-address 167.28.170.99 /32;
source-address 167.28.157.37 /32;
} then {
permit;
}
}
entry dontAllowTheRest {
if {
; #none specified
} then {
deny;
}
}

Extreme Networks

How to enable telnet for specific IP?

How to enable telnet for specific IP?