eborisov
New Contributor II

Trying to block ssh, telnet, http to NetVanta4305.

I am trying to implement an ACL, or maybe some other method, on the NetVanta4305 so that only my internal subnet can connect to the unit for administrative purposes. This is a public-facing router. I am a bit lost between the hardware ACL, IP ACL and the firewall. The firewall is not running and not needed on this unit.

How would I implement such a simple thing (I would think)?

Thank you

Eugene

jayh
Honored Contributor

Re: Trying to block ssh, telnet, http to NetVanta4305.

ip access-list standard admin-access
  permit [internal-network] [wildcard-mask]
  permit [second internal network] [wildcard-mask]
  [etc...]
line ssh 0 4
  access-class admin-access in
!
line telnet 0 4
  access-class admin-access in
!
http ip access-class admin-access in
!
http ip secure-access-class admin-access in
!

Example of a wildcard mask for an internal network; this can be tricky if you aren't familiar with it.

permit 192.168.1.0 0.0.0.255

Subtract each octet of a regular netmask from 255 and you're good to go.

For some versions of AOS the "ip" keyword is missing from the http commands, just use:

http access-class admin-access in
http secure-access-class admin-access in

if it gives you an error.
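
The wildcard-mask rule from the reply above, as an added example that is not part of the original thread: it turns internal subnets written in CIDR form into the `permit` lines of the `admin-access` list and rejects the inputs that most often produce a wrong or overly broad entry. The function names and the sample subnets are assumptions made for illustration.

```python
import ipaddress

def wildcard_mask(netmask):
    """Dotted-quad netmask -> wildcard mask (255 minus each octet)."""
    octets = [int(o) for o in netmask.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad netmask: {netmask}")
    inverted = int.from_bytes(bytes(octets), "big") ^ 0xFFFFFFFF
    # A valid netmask is ones followed by zeros, so its inverse is 2**n - 1.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous netmask: {netmask}")
    return ".".join(str(255 - o) for o in octets)

def permit_line(cidr):
    """One 'permit <network> <wildcard>' entry for an internal subnet."""
    # strict=True rejects input with host bits set (e.g. 192.168.1.10/24),
    # which usually means the wrong address or the wrong prefix was typed.
    net = ipaddress.IPv4Network(cidr, strict=True)
    if net.prefixlen == 0:
        raise ValueError("0.0.0.0/0 would permit every source address")
    return f"  permit {net.network_address} {wildcard_mask(str(net.netmask))}"

def admin_access_acl(cidrs, name="admin-access"):
    """Build the standard ACL from the reply for a list of CIDR subnets."""
    return "\n".join([f"ip access-list standard {name}"] +
                     [permit_line(c) for c in cidrs])

def non_private(cidrs):
    """Subnets outside private address space; review these before applying
    the list to the management lines of a public-facing router."""
    return [c for c in cidrs if not ipaddress.IPv4Network(c).is_private]

if __name__ == "__main__":
    # Constructed sample subnets, not taken from the thread.
    print(admin_access_acl(["192.168.1.0/24", "10.20.0.0/22"]))
```
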