Hi Guys,
I have an OmniAccess 512 (Ver 4.4.2) that I cannot remove from production right now, and I want to either turn off or filter the source IP for the FTP service.
I can't find any docs on it and before I go poking around and trying things in a box that's in production, I was wondering if anyone here could point me in the right direction
Thanks!
Robb
OA512 FTP access
Hi Robb,
For your reference I've attached the documentation for the OmniAccess 512 (Download: ).
I recommend to have a look at the section Secure Switch Access oa5_ch05.pdf Page 5-4 (PDF page 4).
My apologies but I don't have such a product available in my network, therefore I can't test it for you.
My best guess is that you need to do the following (not verified, do this at your own risk!)
1.)
Create a new filter using the secdefine command
Enter a Filter name (e.g. netadmin)
Enter an IP address (e.g. 192.168.10.100)
Leave MAC address blank (If this is a routed network you might not know the source MAC)
MAC address is non-canonical
Leave slot and port blank (despite you know that and want to set it)
2.)
Assign the filter to your FTP server using the secapply command
1=e (to enable the FTP security)
11=netadmin (to assign the filter)
Don't forget to save your configuration. Here is an interesting note from the document on how to fully disable the access to a specific application/service on the OmniAccess.
-benny
For your reference I've attached the documentation for the OmniAccess 512 (Download: ).
I recommend to have a look at the section Secure Switch Access oa5_ch05.pdf Page 5-4 (PDF page 4).
My apologies but I don't have such a product available in my network, therefore I can't test it for you.
My best guess is that you need to do the following (not verified, do this at your own risk!)
1.)
Create a new filter using the secdefine command
Enter a Filter name (e.g. netadmin)
Enter an IP address (e.g. 192.168.10.100)
Leave MAC address blank (If this is a routed network you might not know the source MAC)
MAC address is non-canonical
Leave slot and port blank (despite you know that and want to set it)
2.)
Assign the filter to your FTP server using the secapply command
1=e (to enable the FTP security)
11=netadmin (to assign the filter)
Don't forget to save your configuration. Here is an interesting note from the document on how to fully disable the access to a specific application/service on the OmniAccess.
Hope this helps ...Alcatel-Lucent official documentation: oa5_ch05.pdf page 5-7 (PDF page 7) wrote: Secure Access Filter Points
1) FTP Security : Enabled
11) Filter List : Test, Engineering
2) Telnet Security : Disabled
21) Filter List : Test
3) SNMP Security : Enabled
31) Filter List :
4) TFTP Security : Enabled
41) Filter List : Manufacturing
5) HTTP Security : Disabled
51) Filter List :
6) Custom Security : Enabled
61) Filter List : HR
62) Protocol :
63) Port Service :
7) One-touch Global Security :
71) One-touch Filter List :
Command { Item=Value/?/Help?Quit/Redraw/Save} (Redraw) :
Note
If security is enabled for a filter point and there are no
names defined on its list, then the filter point is essentially
inaccessible to all users. For example, in the
above sample display, SNMP is not accessible to any
user.
-benny
You do not have the required permissions to view the files attached to this post.
Regards,
Benny
Benny
- rjmeredeth
- Member
- Posts: 8
- Joined: 11 Jan 2010 23:35
- rjmeredeth
- Member
- Posts: 8
- Joined: 11 Jan 2010 23:35