01-04-2005 06:56 PM - edited 03-05-2019 11:23 AM
I just received a Cat 4500 with the IOS, not the CatOS. It is currently performing layer 2 switching only. I set up telnet and found that I could only telnet to the 4500 from a device that was on the same subnet as the 4500. Although this is a great security feature, I believe it is prohibiting my CiscoWorks from being able to actively discover and manage this device. Is there a command to disable this behavior or do I just create an ACL to permit my CiscoWorks box to telnet to the 4500?
01-05-2005 12:37 AM
If your CiscoWorks server is on a different network than your switch management address, you will need to add the default gateway for your switch management network to your switch:
ip default-gateway
I would also recommend (as you mentioned) adding an access-list to your VTY lines permitting CiscoWorks and admin addresses to access your switch using Telnet or SSH (if supported), and also adding an access-list to SNMP permitting only your CiscoWorks server to GET and SET SNMP information.
Thanks
Paddy
01-05-2005 01:43 AM
If you mean to keep it an L2 device, then create an interface vlanXX (the same VLAN CiscoWorks is on) with an IP address and create an access-list applied to that interface.
CW=10.1.5.2/24&Vlan=10
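! Standard ACL 45: permit only the CiscoWorks host (implicit deny for all others)
access-list 45 permit host 10.1.5.2
!
! Management SVI in the CiscoWorks VLAN, with ACL 45 applied to inbound traffic
interface Vlan10
 description CiscoworksMGMT
 ip address 10.1.5.1 255.255.255.0
 ip access-group 45 in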
You'll have to double check my statements, they may be off a bit. I'm sure there are other ways to accomplish what you want.
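The restrictions recommended in the first reply (default gateway, a VTY access-list, an SNMP access-list), written out as an added IOS configuration example that is not from any of the posters. 10.1.5.2 is the CiscoWorks address used in the thread; ACL numbers 10 and 11 are arbitrary choices, and every value in angle brackets is a placeholder to fill in.

```ios
! Added example, not from the original posts.
! <angle-bracket> values are placeholders; ACL numbers 10/11 are arbitrary.
!
! Lets a Layer 2 only switch answer management stations on other subnets
ip default-gateway <gateway-ip>
!
! ACL 10: hosts allowed to open a Telnet/SSH session to the switch
access-list 10 remark VTY access - CiscoWorks and admin hosts
access-list 10 permit host 10.1.5.2
access-list 10 permit host <admin-host-ip>
! Explicit deny with logging so refused attempts show up in syslog
access-list 10 deny   any log
!
! ACL 11: hosts allowed to GET/SET via SNMP
access-list 11 remark SNMP access - CiscoWorks only
access-list 11 permit host 10.1.5.2
access-list 11 deny   any log
!
! Bind ACL 10 to the VTY lines. Repeat for every VTY range that
! "show running-config" lists (for example 5 15), or those stay open.
line vty 0 4
 access-class 10 in
!
! Bind ACL 11 to each community string
snmp-server community <ro-community> RO 11
snmp-server community <rw-community> RW 11
```

After applying, `show access-lists` displays per-entry match counters, which confirms that CiscoWorks is hitting the permit lines and shows how often other sources are being denied.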