Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-07-2019 05:04 PM
Is it possible to bind an Standard or Service ACL on the back-side out-of-band Management port on VSP7200 Switch ?
i try to bind a ACL but either i can bind it to an existing VLAN or to an gigabit-ethernet x/y physical port.
Is there a insider trick to bind a ACL on the interface "MgmtEthernet mgmt" ? Or is this currenly not possible ?
i try to bind a ACL but either i can bind it to an existing VLAN or to an gigabit-ethernet x/y physical port.
Is there a insider trick to bind a ACL on the interface "MgmtEthernet mgmt" ? Or is this currenly not possible ?
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-08-2019 07:08 AM
That can't be done. However, the only traffic accepted on that mgmt port is switch management traffic.
Is there any reason you cannot use the inbuilt access-policies to control what management traffic is accepted by the switch ? These will apply for any management traffic being received by the switch, either inband (via a GRT IP) or from the OOB mgmt port.
Is there any reason you cannot use the inbuilt access-policies to control what management traffic is accepted by the switch ? These will apply for any management traffic being received by the switch, either inband (via a GRT IP) or from the OOB mgmt port.
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-08-2019 06:52 PM
Hi Ludovico,
using access-policies is a great hint - it address my needs!
I found this document which explain the complete topic ... thanks for writing.
Management Access Security Technical Configuration Guide
https://downloads.avaya.com/css/P8/documents/101009371
BR,
Matthias
using access-policies is a great hint - it address my needs!
I found this document which explain the complete topic ... thanks for writing.
Management Access Security Technical Configuration Guide
https://downloads.avaya.com/css/P8/documents/101009371
BR,
Matthias
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎07-08-2019 07:08 AM
That can't be done. However, the only traffic accepted on that mgmt port is switch management traffic.
Is there any reason you cannot use the inbuilt access-policies to control what management traffic is accepted by the switch ? These will apply for any management traffic being received by the switch, either inband (via a GRT IP) or from the OOB mgmt port.
Is there any reason you cannot use the inbuilt access-policies to control what management traffic is accepted by the switch ? These will apply for any management traffic being received by the switch, either inband (via a GRT IP) or from the OOB mgmt port.
