Authorized IP Managers |
Configuring
Viewing and configuring IP Authorized Managers (Menu)
Only IPv4 is supported when using the menu to set the management access method.
From the console Main Menu, select:
2. Switch Configuration …
6. IP Authorized Managers
To authorize manager access
This command authorizes manager-level access for any station with an IP address of 10.28.227.0 through 10.28.227.255:
HPswitch(config)# ip authorized-managers 10.28.227.101 255.255.255.0 access manager
Similarly, the next command authorizes manager-level access for any station having an IP address of 10.28.227.101 through 103:
HPswitch(config)# ip authorized-managers 10.28.227.101 255.255.255.252 access manager
If you omit the <mask
bits>255.255.255.255.
If you do not specify either Manager or Operator access, the switch
assigns the Manager access.
To edit an existing manager access entry
To change the mask or access level for an existing entry, use the entry's IP address and enter the new values. Notice that any parameters not included in the command will be set to their default.
HPswitch(config)# ip authorized-managers 10.28.227.101 255.255.255.0 access operator
The above command replaces the existing mask and access level for IP address 10.28.227.101 with 255.255.255.0 and operator.
The following command replaces the existing mask and access level for IP address 10.28.227.101 with 255.255.255.255 and manager(the defaults) because the command does not specify either of these parameters.
HPswitch(config)# ip authorized-managers 10.28.227.101
To delete an authorized manager entry
This command uses the IP address of the authorized manager you want to delete:
HPswitch(config)# no ip authorized-managers 10.28.227.101
Configuring IP Authorized Managers for the switch (CLI)
See the IPv6 configuration guide for information about Authorized IP manager configuration with IPv6 addresses.
Syntax
[no] ip authorized-managers[ip-addressip-maskaccessmanager|operator]access-method[all|ssh|telnet|web|snmp|tftp]
[no] ipv6 authorizedmanagers[ip-addressip-maskaccessmanager|operator]access-method[all|ssh|telnet|web|snmp|tftp]Configures one or more authorized IP addresses.
access[manager|operator]Configures the privilege level for
<ip-address>. Applies only to access through telnet, SSH, SNMPv1, SNMPv2c, and SNMPv3.Default:
manager
access-method[manager|operator]access-method[all|ssh|telnet|web|snmp|tftp]Configures access levels by access method and IP address. Each management method can have its own set of authorized managers. Default
all
To Authorize Manager Access
This command authorizes manager-level access for any station with an IP address of 10.28.227.0 through 10.28.227.255:
switch(config)# ip authorized-managers 10.28.227.101 255.255.255.0 access manager
Similarly, the next command authorizes manager-level access for any station having an IP address of 10.28.227.101 through 103:
switch(config)# ip authorized-managers 10.28.227.101 255.255.255.252 access manager
If you omit the <mask bits > when adding a new authorized manager, the switch automatically uses 255.255.255.255. If you do not specify either Manager or Operator access, the switch assigns the Manager access.
To Edit an Existing Manager Access Entry.
To change the mask or access level for an existing entry, use the entry’s IP address and enter the new values. (Notice that any parameters not included in the command will be set to their default.):
switch(config)# ip authorized-managers 10.28.227.101 255.255.255.0 access operator
The above command replaces the existing mask and access level for IP address 10.28.227.101 with 255.255.255.0 and operator.
The following command replaces the existing mask and access level for IP address 10.28.227.101 with 255.255.255.255 and manager (the defaults) because the command does not specify either of these parameters.
switch(config)# ip authorized-managers 10.28.227.101