- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Is there possible to ignore user continue trying l...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-30-2020 11:59 PM
тАО03-30-2020 11:59 PM
Is there possible to ignore user continue trying login?
I noticed from switch 5130 system logs, there were a lot of user trying login, is there possible to ignore those login to prevent 5130 busy respond?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2020 05:56 AM
тАО03-31-2020 05:56 AM
Re: Is there possible to ignore user continue trying login?
Hello!
Do you want to suppress messages to prevent them from appearing in the logbuffer? If that is what you want, check 'info-center logging suppress module' command.
Examples
# Configure a log suppression rule to suppress output of logs with the shell_login mnemonic value for the shell module.
<Sysname> system-view
[Sysname] info-center logging suppress module shell mnemonic shell_login
Hope it helps!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2020 07:56 AM - edited тАО03-31-2020 07:58 AM
тАО03-31-2020 07:56 AM - edited тАО03-31-2020 07:58 AM
Re: Is there possible to ignore user continue trying login?
a simple topology like below~~
pc > layer2 switch > firewall > 5130 > modem > internet
a user said his pc software session always broke from time to time, I spent a lot of time to troubleshooting network and devices and still not found problem, but it seems that 5130 is the most possible problem,
just now(about 21:13) I noticed the network link broke at 5130, I look at the log and found a lot of "topology change" at port 15, the port link to a Cisco switch, I wonder maybe it's STP feature cause the network broke for a while?! so I turn off STP(default is on) and wait to see if that happened again ...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2020 08:26 AM
тАО03-31-2020 08:26 AM
Re: Is there possible to ignore user continue trying login?
is it possible that 5130 drop those users who trying to login(a lot of trying login in one minute) so 5130 won't pay attention to those trying.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2020 08:50 AM
тАО03-31-2020 08:50 AM
Re: Is there possible to ignore user continue trying login?
Hello!
If the switch will be rejecting all login attempts, how will it distinguish valid login attempt from non-valid? We need to think in this direction and the solution is below. But, in general, that idea to expose the switch to the Internet is quite dangerous, these devices do not have sophisticated security mechanisms, normally these are behind firewalls.
My suggestion - protect management plane of this switch with proper ACLs, allow only access from your local network and deny all other IP addresses. You can protect HTTP/HTTPS with ACL, as well as SSH or Telnet (which I suggest to disable, as it is not secure at all).
Check the Fundamentals Command Reference and Configuration guides for commands:
ip http acl
ip https acl
For VTY (telnet and SSH) protection, check:
user-interface vty 0 15
acl [ ipv6 ] acl-number { inbound | outbound }
Hope it helps!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-29-2020 07:38 AM
тАО04-29-2020 07:38 AM
Re: Is there possible to ignore user continue trying login?
Hi @wowhsieh !
Did you have time to try the solution proposed? Did it resolve the problem?
Thank you in advance!