Re: Management ACL on SG550X

rasmus.elmholt · ‎06-22-2018

Hi

Anyone know if it is possible to configure a management ACL on the SG550 switches.

Under Security -> mgmt access method -> Access profile it is possible to configure a single subnet to allow management from.

But is it possible to create an Access list and apply that to the vty line/https server as you would on an IOS switch?

This is what i want on the SG series:

access-list 23 permit 10.0.0.0 0.0.0.255

access-list 23 permit 10.255.0.0 0.0.0.255

ip http access-class 23

line vty 0 15

access-class 23 in

Richard Burts · ‎06-23-2018

I am not an expert of the SG550 but I have looked at the documentation for the 550. And it is pretty clear that while the 550 will allow you to control management access to achieve the result that you want it is not possible to do it in the manner that you want. The 550 does not seem to support access-class for limiting management access. It uses access profiles, and while that does seem to be a bit complicated, it does seem to allow you to achieve the results.

HTH

Rick

HTH

Rick

rasmus.elmholt · ‎07-13-2018

Do you have a link or an example?
I configured an ACL on the management interface instead.

Diana Karolina Rojas · ‎07-13-2018

Hello,

I thing this link will be helpfull https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/550xseries/cli_guide/CLI_Tesla_Sx550X_SG550XG_2_2_5.pdf please go to page 861, maybe this is what you are looking for.

Please do not forget to rate usefull posts.

Best Regards,