Solved: Will deleting the configuration of the control-plane have any impact?

John.lc · ‎04-25-2023

Currently, SNMP and telnet protocols are allowed under our control-management plane. If I enter the "no control-plane" command, will it affect the business of the system?

control-plane
 management-plane
  inband
   interface all
    allow Telnet
    allow SNMP
   !

tkarnani · ‎04-26-2023

Hi ,

Modifying the control-plane should not affect data plane traffic

this control-plane is used to allow/restrict protocols such as SSH, TELNET, SNMP etc

thank you

View solution in original post

tkarnani · ‎04-26-2023

Hi ,

Modifying the control-plane should not affect data plane traffic

this control-plane is used to allow/restrict protocols such as SSH, TELNET, SNMP etc

thank you

John.lc · ‎04-26-2023

@tkarnani It seems I was right, thanks for confirming.

MHM Cisco World · ‎04-26-2023

But this make your Device is some risk' instead adjust control instead of disable it.

John.lc · ‎04-26-2023

Thank you for your suggestion, but is there no relevant configuration for the control-plane on the default device?

Sam Meftahi · ‎05-14-2023

How about adding specific sources of your ssh jump stations to the config and keep your device safe. You just need to add an ACL to your control plane config.

control-plane
 management-plane
  inband
   interface all
    allow SSH peer
     address ipv4 x.x.x.x

In if you are in doubt you would loose remote access to the device, just "commit confirm" with a timer, so you get a life line.

John.lc · ‎05-16-2023

HI Sam

Thanks for your suggestion.