This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

VOSS VSP72K ACL on MgmtEthernet Port

VOSS VSP72K ACL on MgmtEthernet Port

Go to solution
M_Nees
Contributor III

‎07-07-2019 05:04 PM

Is it possible to bind an Standard or Service ACL on the back-side out-of-band Management port on VSP7200 Switch ?

i try to bind a ACL but either i can bind it to an existing VLAN or to an gigabit-ethernet x/y physical port.

Is there a insider trick to bind a ACL on the interface "MgmtEthernet mgmt" ? Or is this currenly not possible ?
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Ludovico_Steven
Extreme Employee

‎07-08-2019 07:08 AM

That can't be done. However, the only traffic accepted on that mgmt port is switch management traffic.
Is there any reason you cannot use the inbuilt access-policies to control what management traffic is accepted by the switch ? These will apply for any management traffic being received by the switch, either inband (via a GRT IP) or from the OOB mgmt port.

View solution in original post

0 Kudos
2 REPLIES 2

Go to solution
M_Nees
Contributor III

‎07-08-2019 06:52 PM

Hi Ludovico,

using access-policies is a great hint - it address my needs!

I found this document which explain the complete topic ... thanks for writing.
Management Access Security Technical Configuration Guide
https://downloads.avaya.com/css/P8/documents/101009371


BR,
Matthias
0 Kudos

Go to solution
Ludovico_Steven
Extreme Employee

‎07-08-2019 07:08 AM

That can't be done. However, the only traffic accepted on that mgmt port is switch management traffic.
Is there any reason you cannot use the inbuilt access-policies to control what management traffic is accepted by the switch ? These will apply for any management traffic being received by the switch, either inband (via a GRT IP) or from the OOB mgmt port.
0 Kudos
GTM-P2G8KFN