Access control

Mon Dec 05, 2016 8:50 am

We have a switch that is accessible from www.
I would like to add our own public IP addresses on the access control list. But I am a bit unsure.

- do I have to add IP addresses one by one or can I add an IP range? for example xx.xx.xx.xx/29
- does the adding of an access control list change anything but the restricting of the IP addresses that can login in the UI?

Is there something else I have to think about when adding this list?

Mon Dec 05, 2016 9:35 am

Yes. CIDR is allowed.

Internal firewall (management ACL) restrict input to specific ports - 161, 22, 443 and 80, allow only from defined IP.

But everything else is allowed. This may be not a problem if not exist daemon controlled by these rules ...

Ask for Netonix: may I install own network service?

IMO - management ACL must control ALL input (to CPU of course), not only selected ports in one VLAN.

Mon Dec 05, 2016 10:12 am

jma wrote:We have a switch that is accessible from www.
I would like to add our own public IP addresses on the access control list. But I am a bit unsure.

- do I have to add IP addresses one by one or can I add an IP range? for example xx.xx.xx.xx/29
- does the adding of an access control list change anything but the restricting of the IP addresses that can login in the UI?

Is there something else I have to think about when adding this list?

This was answered just recently, a quick search yields this post:
viewtopic.php?f=6&t=2303&p=16337&hilit=+mouse+over#p16337

Access control

Access control

Re: Access control

Re: Access control

Who is online