disable-management

Description                                                    Disable management access to the ACOS device.

Syntax                                                                  disable-management service {http | https | ping | snmp | ssh}

Parameter

Description

http

Disables HTTP access to the management GUI.

https

Disables HTTPS access to the management GUI.

ping

Disables ping replies from ACOS. This option does not affect the ACOS device’s ability to ping other devices.

snmp

Disables SNMP access to the ACOS device’s SNMP agent.

ssh

Disables SSH access to the CLI.

This command changes the CLI to the configuration level for the type of access you specify. At this level, you can specify the interfaces for which to disable access, using the following options:

     ethernet portnum [to portnum]

Disable access for the specified protocol on the specified Ethernet interface. Use the [to portnum] option to specify a range of Ethernet interfaces.

     management

Disable access for the specified protocol on the management interface.

     ve ve-num [to ve-num]

Disable access for the specified protocol on the specified virtual Ethernet interface. Use the [to ve-num] option to specify a range of virtual Ethernet interfaces.

The CLI lists options only for the interface types for which the access type is enabled by default.

NOTE:                                                                   Disabling ping replies from being sent by the device does not affect the device’s ability to ping other devices.

Default                                                                TABLE 11    lists the default settings for each management service.

TABLE 11    Default Management Service Settings

Management Service

Ethernet Management Interface

Ethernet and VE Data Interfaces

SSH

Enabled

Disabled

Telnet

Disabled

Disabled

HTTP

Enabled

Disabled

HTTPS

Enabled

Disabled

SNMP

Enabled

Disabled

Ping

Enabled

Enabled

Syslog

Disabled

Disabled

SNMP-trap

Disabled

Disabled

Mode                                                                   Configuration mode

Usage                                                                  If you disable the type of access you are using on the interface you are using at the time you enter this command, your management session will end. If you accidentally lock yourself out of the device altogether (for example, if you use the all option for all interfaces), you can still access the CLI by connecting a PC to the ACOS device’s serial port.

To enable management access, see enable-management.

If the ACOS device is a member of an aVCS virtual chassis, use the device-context command to specify the device in the chassis to which to apply this command.

You can enable or disable management access, for individual access types and interfaces. You also can use an Access Control List (ACL) to permit or deny management access through the interface by specific hosts or subnets.

For more information, see “Access Based on Management Interface” in the Management Access and Security Guide.

Example                                                            The following command disables HTTP access to the out-of-band management interface:

ACOS(config)# disable-management service http management

You may lose connection by disabling the http service.

Continue? [yes/no]: yes

 

Table of Contents

Index

Glossary

-Search-

Back