Reset Search
 

 

Article

Why is SSH ACL not blocking SSH requests to switch?

« Go Back

Information

 
TitleWhy is SSH ACL not blocking SSH requests to switch?
Question
Why is SSH ACL not blocking SSH requests to switch? 
Environment
SLX 9140
SLX OS 
Answer
When using an ACL to restrict SSH/telnet/SNMP (in-bound) access to the SLX, the keyword "hard-drop" is used instead of "deny".
Traffic that is destined to the switch (CPU) will not be filtered with the usual deny keyword. The hard-drop keyword is used to filter both transit traffic and traffic destined to the switch CPU.
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255