Reset Search
 

 

Article

Access-policy for HTTTP / HTTPS

« Go Back

Information

 
TitleAccess-policy for HTTTP / HTTPS
Objective
How to restrict HTTP Web access.
 
Environment
  • EXOS
Procedure
There is a difference the way access profiles works for web access.
The http process can only have policies applied to it that are dynamic policies. Dynamic Policies are applied as single line items to the switch and not as policy files. You can also add counters to both Policy files and Dynamic Policies.

This is different then the method for telnet/SSH or  SNMP

Suppose we have 4 IPs for which we want to allow http Access to the Switch.
IPs are like:
1.1.1.1
2.2.2.2
3.3.3.3
4.4.4.4
Then we have to create 5 rules like
create access-list IP-ONE " source-address 1.1..1.1/24; " "permit"
create access-list IP-TWO " source-address 2.2.2.2/24; " "permit"
create access-list IP-THREE " source-address 3.3.3.3/24; " "permit"
create access-list IP-FOUR " source-address 4.4.4.4/24; " "permit"
create access-list IP-OTHER " source-address 0.0.0.0/0; " "deny"

NOTE:RULE NAMES SHOULD BE DIFFERENT

Now we need to apply these rules to the web http
========================================
Configure web http access-profile add IP-ONE first
Configure web http access-profile add IP-TWO first
Configure web http access-profile add IP-THREE first
Configure web http access-profile add IP-FOUR first
Configure web http access-profile add IP-OTHER after IP-FOUR

=================================================
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255