Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
443
Views
0
Helpful
0
Replies

Howto lockdown access to nx-api sandbox in NX-OS 7.2

et
Level 1
Level 1

‎03-30-2016 04:53 AM

Hi,

not really sure, if this is the right community for my question, but here it is:

I just enabled the nxapi sandbox on one of my Nexus 7k switches:

feature nxapi

nxapi https port 5443

nxapi sandbox

It works fine - I can access and login to the sandbox from my internal management station.

My problem is that the switch has SVI interfaces on the public Internet, and with the sandbox exposed on those interfaces.

The default behaviour seems to be "expose sandbox to any source on all active interfaces" (duh?)

I do not want to expose the sandbox to the public Internet, but I have not been able to find any documentation on how to restrict access to the sandbox https port. 

Anyone here been able to do so without resorting to use access-group/lists on the SVIs?

What I'm looking for is something like the mechanism used for controlling access to regular ssh/VTYs.

Regards,

Espen

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents