I have a 3750 and can telnet / web interface into from every interface that I assign it. How can I prevent this and only allow it for one interface?
(only allow management from here)
Ip address 10.1.1.5 255.255.255.0
Ip address 10.222.1.5 255.255.255.0
Ip address 10.4.3.5 255.255.255.0
Thanks in advance for looking.
Determine the valid IP addresses that need access to the management plane.
For this example that say it's all of 192.168.1.0/24
Create an ACL that accounts for management addresses.
access-list 82 remark *** Management ***
access-list 82 permit 192.168.1.0 0.0.0.255
Apply this access list to the management interface.
ip http access-class 82
line vty 0 4 ### if you have more VTY apply to all
access-class 82 in