How to limit remote management access to 2800 router?

saidfrh
Level 1

What are the configs to only allow specific hosts to remotely manage the router using a) HTTPS and b) SSH?

Thanks.

Accepted Solutions

Mark Yeates
Level 7

Said,

You can apply access lists to the appropriate lines.

For HTTPS

access-list 1 remark permit HTTPS Management

access-list 1 permit 192.168.1.50

access-list 1 permit 192.168.1.99

access-list 1 permit 192.168.1.250

access-list 1 deny any

ip http secure-server

ip http access-class 1

For SSH

access-list 2 remark permit SSH Management

access-list 2 permit 192.168.1.100

access-list 2 permit 192.168.1.101

access-list 2 permit 192.168.1.105

access-list 2 deny any

line vty 0 15

access-class 2 in

transport input ssh

Just replace the example IP addresses with the ones you wish to permit.

HTH,

Mark
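
An added example, not part of the original post and not Cisco tooling: a small Python check that parses a saved IOS configuration, evaluates a source address against a standard numbered ACL of the kind shown in the answer above, and flags any line vty block that lacks an inbound access-class or SSH-only transport. The sample configuration, the function names and the wildcard-mask entry are constructed for illustration; it goes beyond the host-only entries in the answer by also handling wildcard masks.

```python
import re
from ipaddress import IPv4Address

# Constructed sample config (placeholder addresses, not taken from a real device).
SAMPLE = """\
access-list 2 remark permit SSH Management
access-list 2 permit 192.168.1.100
access-list 2 permit 192.168.1.0 0.0.0.15
access-list 2 deny any
line vty 0 4
 access-class 2 in
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""
ACE = re.compile(r"^access-list (\d+) (permit|deny) (?:host )?(\S+)(?: (\S+))?$")

def parse_acls(cfg):
    """Standard numbered ACLs only: {number: [(action, address, wildcard), ...]}."""
    acls = {}
    for line in cfg.splitlines():
        m = ACE.match(line.strip())
        if m:  # remark lines and malformed entries do not match
            num, action, addr, wc = m.groups()
            if addr == "any":
                addr, wc = "0.0.0.0", "255.255.255.255"
            acls.setdefault(num, []).append(
                (action, int(IPv4Address(addr)), int(IPv4Address(wc or "0.0.0.0"))))
    return acls

def acl_permits(entries, src):
    """First match wins; wildcard bits set to 1 are ignored; implicit deny at the end."""
    s = int(IPv4Address(src))
    for action, addr, wc in entries:
        if (s | wc) == (addr | wc):
            return action == "permit"
    return False

def audit_vty(cfg):
    """Findings for each 'line vty' block without a defined inbound ACL or SSH-only transport."""
    acls, out = parse_acls(cfg), []
    for name, body in re.findall(r"^(line vty.*)\n((?: .*\n?)*)", cfg, re.M):
        lines = [l.strip() for l in body.splitlines()]
        acl = next((l.split()[1] for l in lines if re.match(r"access-class \S+ in$", l)), None)
        if acl not in acls:
            out.append(f"{name}: no inbound access-class with a defined ACL")
        if "transport input ssh" not in lines:
            out.append(f"{name}: transport input not limited to ssh")
    return out
```

On the constructed sample, audit_vty(SAMPLE) reports both problems for line vty 5 15, the range that the ACL on line vty 0 4 does not cover.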

Mark,

Thank you. Do you know the config for an ASA firewall to allow HTTPS and SSH management access to the firewall from specific IPs?

For the ASA, the syntax is quite a bit different. Here are examples for configuring SSH and ASDM access.

SSH:

ssh 10.10.1.0 255.255.255.0 inside

ssh 10.10.2.55 255.255.255.255 inside

ssh 1.2.3.4 255.255.255.255 outside

ASDM

http 10.10.1.0 255.255.255.0 inside

http 10.10.2.55 255.255.255.255 inside

http 1.2.3.4 255.255.255.255 outside

management-access inside

and for outside management

management-access outside

Note: Don't forget to permit outside management in your ACLs.

HTH,

Mark
