HPE Community
LAN Routing
1822896 Members
3456 Online
109645 Solutions
New Discussion

HP 2920 - LOCKING DOWN HOST ACCESS FOR SPECIFIC IP ADDRESSES

 
SOLVED
Go to solution
bighead8181
Occasional Contributor

‎09-28-2020 07:11 AM - edited ‎09-28-2020 07:22 AM

‎09-28-2020 07:11 AM - edited ‎09-28-2020 07:22 AM

HP 2920 - LOCKING DOWN HOST ACCESS FOR SPECIFIC IP ADDRESSES

Im new to HP world and been given a number of switches to manage.  I need to lock down the device to specific source hosts.  Ive managed to find the solution for the 5920 but i simply cannot figure it out for the 2920 via CLI or find information online with the commnads.  Appreciate someones help. 

0 Kudos
4 REPLIES 4
Emil_G
HPE Pro

‎09-28-2020 09:15 AM - edited ‎09-28-2020 09:25 AM

‎09-28-2020 09:15 AM - edited ‎09-28-2020 09:25 AM

Re: HP 2920 - LOCKING DOWN HOST ACCESS FOR SPECIFIC IP ADDRESSES

Hello, 

I am not sure if I understand the question correctly. If you want to limit the access to the management interfaces of the swich (SSH, Telnet WebUI) to specific source IP addresses then you can configure ip authorized-managers as described here.

https://techhub.hpe.com/eginfolib/networking/docs/switches/K-KA-KB/15-18/5998-8150_access_security_guide/content/c_Using_Authorized_IP_Managers.html

https://techhub.hpe.com/eginfolib/Aruba/16.09/5200-5898/index.html#c_Using_Authorized_IP_Managers.html

If something different should be achieved, I think we need some more details.

I am an HPE employee

Accept or Kudo


0 Kudos
bighead8181
Occasional Contributor

‎09-28-2020 10:46 AM

‎09-28-2020 10:46 AM

Re: HP 2920 - LOCKING DOWN HOST ACCESS FOR SPECIFIC IP ADDRESSES

My desktop machine has an IP address of 192.168.0.50

HP 2920 management ip address 10.10.10.50

I would like to only permit ssh putty from my desktop to the hp switch,  blocking all other IP addresses.  From your response i believe this is what i can achieve?

 

0 Kudos
Emil_G
HPE Pro

‎09-28-2020 11:04 AM

‎09-28-2020 11:04 AM

Re: HP 2920 - LOCKING DOWN HOST ACCESS FOR SPECIFIC IP ADDRESSES

Hello, 

Yes, this is exactly the use case of ip authorized-managers. Since you want to allow a single device to have management access this command should be sufficient.

HP Switch# config
HP Switch(config)# ip authorized-managers 192.168.0.50

 

I am an HPE employee

Accept or Kudo


0 Kudos
Emil_G
HPE Pro

‎10-05-2020 11:05 PM

‎10-05-2020 11:05 PM

Solution

Re: HP 2920 - LOCKING DOWN HOST ACCESS FOR SPECIFIC IP ADDRESSES

 Hello @bighead8181,

Did I answer your question? If yes, please mark it as an accepted solution. If not, please give us feedback!

I am an HPE employee

Accept or Kudo


0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.