10-05-2012 03:05 AM
Hello,
We need to install acess list on VTY on nexus 1000v to limit the access .the problem is i do n'ot see the access -class option under line VTY (just like the N5K).
We are in the last version : " version 4.2(1)SV1(5.2)"
***********************************************************
Nexus1000V(config)# line vty
Nexus1000V(config-line)# ?
exec-timeout Configure exec timeout
no Negate a command or set its defaults
session-limit Set the max no of concurrent vsh sessions
end Go to exec mode
exit Exit from command interpreter
pop Pop mode from stack or restore from name
push Push current mode to stack or save it under name
where Shows the cli context you are in
Nexus1000V(config-line)#
*********************************************************************
Is this option supported ?
Thanks in advance
Samir.
Solved! Go to Solution.
10-05-2012 01:38 PM
You can apply an ACL to the mgmt0 interface to control management access like this:
interface mgmt0
ip access-group MGMT_ACL in
10-05-2012 01:38 PM
You can apply an ACL to the mgmt0 interface to control management access like this:
interface mgmt0
ip access-group MGMT_ACL in
10-08-2012 02:26 AM
Hello Eric,
Thank you very much for you feedback. That is a good workaround indeed.
I suppose I will need (along with the SSH allowed networks) to add in the ACL vCenter in order to keep the connection UP and all traffic needed to communicate with the mgmt0 interface (we are in L2 mode)
Best regards.
08-21-2014 03:40 AM
Long time since this thread was active, but i googled and found it so i just wanted to add my experience.
Adding an ACL to the interface is a work around, yes. But problem is that all traffic will be blocket not only Telnet/SSH and SNMP. Also when changing the the ACL you need to remove it from the interface first not to block yourself out from the switch. When you make a script updating a ACL i usually start with "no ip access-list xx", when adding it again the first line will be deny all... This will not happen when adding it to line vty. So just be careful when using.
Cheers
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide