Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Allow specific IP or MAC?

Hey everyone,

Just got a C150 a little bit ago and was wondering if theres a way to allow only specific IP or MAC address from a accessing the management port to configure the firewall. I've disabled HTTP, and FTP access to the firewall to improve security but didn't want to remove HTTPS as being in physical contact to use the serial port would be a little out of the question as I'd like some remote access as I travel between offices.

So if you have any ideas on how to improve security, or if I'm just stuck dealing with HTTPS, any responses would be greatly appreciated.



  • Email Security
New Member

Re: Allow specific IP or MAC?

As far as I have been able to tell, there is no way to do this. The underlying operating system is based on FreeBSD, and therefore has ipfw, which would do what you want. But there is no interface to ipfw exposed in AsyncOS.

Your only recourse is to use an external firewall.

New Member

Re: Allow specific IP or MAC?

This feature is currently planned for a future release. I can't remember which release it was in, but I've got a feeling that it's not all that far away...

In most environments we recommend putting the IronPort into a DMZ area, in which case you can block all access to the management port (and basically everything except port 25) from the Internet using rules on the Firewall itself.

New Member


Thanks for the information. I couldn't find anything else, but as I've only had it for a bit, I thought I'd ask you guys/girls as you have much more experience. Thanks for replies and hope to see this feature in the future :D

This widget could not be displayed.