Is there a way to configure a 3Com switch to restrict telnet access to it? I manage the switch over the network, but I don´t want users to access switch command line interface.
I want to configure something like a access-list on vty on Cisco switches. Is it possible??
The following is based on my experience with the 3300, I can't say anything about the other models.
The switches' management interface is on VLAN 1 by default - I heard claims that this can be changed via SNMP, but I don't know if it is true. I find it good practice to only have switches and management stations in this VLAN, and put users on different VLANs. This way, users will not be able to access the switch management. As an additional measure, you should of course set passwords for all accounts on the switch. The VLAN separation ensures that users can not read the passwords when you are sending them unencrypted over telnet.
As far as I know, there are no access lists based on client IP address. You can only configure which user is able to access which protocol (telnet, snmp, ...).
The following is based on my experience with the 3300, I can't say anything about the other models.
The switches' management interface is on VLAN 1 by default - I heard claims that this can be changed via SNMP, but I don't know if they are true. I find it good practice to only have switches and management stations in this VLAN, and put users on different VLANs. This way, users will not be able to access the switch management. As an additional measure, you should of course set passwords for all accounts on the switch. The VLAN separation ensures that users can not read the passwords when you are sending them unencrypted over telnet.
As far as I know, there are no access lists based on client IP address. You can only configure which user is able to access which protocol (telnet, snmp, ...).
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.