Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: access-list at 4006 catalyst switch?

From: "Wilcox, Stephen" <StephenWilcox () universalcomputersys com>
Date: Tue, 4 Mar 2003 13:08:47 -0600
With Cisco switches you and apply IP Permit Filters

These are filters to safeguard access to the management sc0 interface via telnet and other protocols. These are 
particularly important when the VLAN used for management also contains users. Use the following commands to enable IP 
address and port filtering:

set ip permit enable
set ip permit <IP address> <mask> <telnet|ssh|snmp|all>

Stephen

-----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu]
Sent: Monday, March 03, 2003 1:34 PM
To: security-basics () securityfocus com
Subject: RE: access-list at 4006 catalyst switch?


  In the Cisco world, access lists are a router feature, and the
4006 does not have a router engine.
  It does, however, support VLAN trunking.  You can get almost all
of the functionality you seek by assigning the switch IP address on
a "system management" VLAN, and applying an access list to that VLAN
at your core router.  (You do *have* a router, don't you?)

David Gillett



-----Original Message-----
From: SB CH [mailto:chulmin2 () hotmail com]
Sent: March 2, 2003 17:29
To: security-basics () securityfocus com
Subject: access-list at 4006 catalyst switch?


Hello all.

I have a 4006 layer 2 cisco switch which os is catos.
I would like to restrict ip address which can telnet to the switch.
But I can't find any access-list like command at 4006 switch.
Can't I restrict telnet client ip or snmp client ip at 4006?

Thanks in advance.


_________________________________________________________________
책상위에 다리 올리고 느긋하게 즐긴다... MSN 온라인 상영관
http://vod.msn.co.kr
Previous By Date Next
Previous By Thread Next

Current thread: