Author Topic: ERS4500 IPMGR (Read 270 times)

Dominik · « **on:** January 16, 2012, 09:09:24 AM »

I recently discoverd that the accesslist on our ERS4500 with SW 5.5 doesn´t work.

In my test I was able to connect to the ERS4500 even if there was no entry for the network from that a connect to the switch in the ipmgr list.

Would be nice if anybody could verfy that, I tested serveral switches and it seems to be a general problem in SW 5.5.

Cheers

bylie · « **Reply #1 on:** January 16, 2012, 09:42:19 AM »

Sorry I can't verify this because we're still running v5.4.3 on our ERS 4500's. This, however, is one of the reasons we're phasing out the whole ipmgr accesslists by putting our switches in their own VLAN('s) and security zone behind the firewall. This gives us a central point to manage any ACL's from and to our networkinfrastructure without having to rely on the individual ACL mechanisms of the devices themself.

Flintstone · « **Reply #2 on:** January 16, 2012, 11:06:24 AM »

Hi Dominik,

On our ERS45XX switches we are running SW 5.5.0.003 with ipmgr accesslists and works as designed. Only our Network management devices can connect.

CheerZ

Dominik · « **Reply #3 on:** January 17, 2012, 04:16:40 AM »

OK everything works normal.

I overlooked that I didn´t see the default values with show run , so I didn´t checked that the 0.0.0.0 rule was by default ipmgr 1 acl.

Most of the ERS4500 that I manage still run 5.3.x code, have to be aware of the different behaivior of the show run command ......

Cheers

Network Infrastructure Forums

Author Topic: ERS4500 IPMGR (Read 270 times)

Dominik

ERS4500 IPMGR

bylie

Re: ERS4500 IPMGR

Flintstone

Re: ERS4500 IPMGR

Dominik

Re: ERS4500 IPMGR