cancel
Showing results for 
Search instead for 
Did you mean: 

How to enable telnet for specific IP?

How to enable telnet for specific IP?

jaime_quintana
New Contributor
How to enable telnet for specific IPS
for example for ip 167.28.170.99 & 167.28.137.57
4 REPLIES 4

Bill_Stritzinge
Extreme Employee
Yes, but make sure you use the correct indents as in the documentation. For the example you gave, the two IP addresses would be allowed like this... (assume your addresses are /24 - Match CIDR..)

MyAccessProfile.pol entry AllowTheseSubnets { if match any { source-address 167.28.170.99 /24; source-address 167.28.137.57 /24; } then { permit; } }
Once you create the file and copy to the switch, use the command "check policy MyAccessProfile" to make sure the format for the file is correct. The above will only let those two addresses access telnet. Once you create the file you can use that with SSH and SNNMP too.

Bill

jaime_quintana
New Contributor
Thank Bill

Bill_Stritzinge
Extreme Employee
Jamie,

The best and most secure way to do this is to create a access profile that includes all of the specific IP's of stations you want to be able to telnet from. Once you create the profile (really just an ACL) you can then apply that to Telnet, SSH or SNMP.. Here is a link to the instructions..

http://documentation.extremenetworks.com/exos/EXOS_All/Switch_Management/c_access-profile-logging-fo...

Bill

something like this:

Telnet_2.pol

entry AllowTheseSubnets {
if match any {
source-address 167.28.170.99 /32;
source-address 167.28.157.37 /32;
} then {
permit;
}
}
entry dontAllowTheRest {
if {
; #none specified
} then {
deny;
}
}
GTM-P2G8KFN