PDF(335.2 KB) View with Adobe Reader on a variety of devices
ePub(428.8 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(166.8 KB) View on Kindle device or Kindle app on multiple devices
Updated:December 13, 2018
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Management Access Method Access Profile Settings on Sx500 Series Stackable Switches
The objective of this document is to help configure access profile settings on Sx500 Series Stackable Switches. Access profiles use access methods to classify access requests based on authorization and authentication. Each access profile is associated with a set of rules to manage the security of an organization. Access profiles helps the user to access the network devices through certain management methods like telnet, SSH, HTTP etc and they can be configured in access profiles
• Sx500 Series Stackable Switches
Access Profile Settings
Step 1. Log in to the web configuration utility and choose Security > Mgmt Access Method > Access Profiles. The Access Profile page opens:
Step 2. In the Active Access Profile field, choose one of the access profiles to be activated from the drop-down list.
Step 3. To add a new access profile, click Add. The Add New Access Profile window appears.
Step 4. In the Access Profile Name field, enter the desired name of the access profile.
Step 5. In the Rule Priority field, enter a rule priority number. It should be between 1 and 65535. The packet should match the rule for it to either grant or deny access to the switch.
Step 6. In the Management Method field, click the radio button for which the rule should be defined.
• All — This assigns the rule to all the management methods.
• Telnet — Access is either permitted or denied only to the users that meet the telnet access profile criteria.
• Secure telnet (SSH) — Access is either permitted or denied only to the users that meet the SSH access profile criteria.
• HTTP — Access is either permitted or denied only to the users that meet the HTTP access profile criteria.
• Secure HTTP (HTTPS) — Access is either permitted or denied only to the users that meet the HTTPS access profile criteria.
• SNMP — Access is either permitted or denied only to the users that meet the SNMP access profile criteria.
Step 7. In the Action field, click the radio button of the desired action.
• Permit — If the user settings match the profile settings then the access to the switch is permitted.
• Deny — If the user settings match the profile settings then the access to the switch is denied.
Step 8. In the Applies to Interface field, click the radio button of the interface attached to the rule.
• All — Rule is valid for all the ports, VLANs and LAGs
• User Defined — Rule is only be valid for selected interfaces.
Note: If you choose User Defined in Step 8 proceed with Step 9, otherwise skip to Step 10.
Step 9. In the Interface field, click the radio button for the desired interface.
Step 10. In the Applies to Source IP Address field, click the radio button of the type of source IP address to which the access profile applies.
• All — It is valid for all types of IP addresses.
• User Defined — It is valid for only user defined IP addresses.
Step 11. In the IP Version field, click the radio button of the supported IP version of the source address.
Step 12. In the IP Address field, enter the source IP address.
Step 13. In the Mask field, click the radio button of the desired format of the subnet mask.
• Network Mask — Enter the subnet mask in the 255.255.255.0 format.
• Prefix length — Enter the number of network bits that are comprised in the source IP address.
Step 14. Click Apply to save the configuration.
Step 15. (Optional) To delete an access profile, click the desired check box and click Delete.
Note: The Profile Rules Table allows you to edit the access profiles, refer to article Management Access Method Profile Rules Configuration on Sx500 Series Stackable Switches.