Network technologies and trends

Jul 6 2008   6:25AM GMT

How to restrict the web access to Cisco Switches & Routers.

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

 Here in this example I am going to show you how to restrict the web access to any Cisco IOS Switch or Router.

If web-based administration of the switch is necessary, then restrict HTTP access to the switch.
Configure a standard access-list (e.g., 11) that allows only the administrators’ systems to make these connections and apply this access-list to the HTTP service on the switch. Finally, use the ip http authentication local command to enable local account checking at login that will prompt for a username and a password.

Switch(config)# access-list 11 remark Permit HTTP access from administrators’ systems
Switch(config)# access-list 11 permit host log
Switch(config)# access-list 11 permit host log
Switch(config)# access-list 11 deny any log
Switch(config)# ip http server
Switch(config)# ip http access-class 11
Switch(config)# ip http authentication local
Note that the web browser used for administration will cache important information (e.g., passwords).Make sure that the cache is emptied periodically.


Personel Web<p

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: