Active Access Profile
The Access Profiles page displays the access profiles that are defined and enables selecting one access profile to be the active one.
When a user attempts to access the switch through an access method, the switch looks to see if the active access profile explicitly permits management access to the switch through this method. If no match is found, access is denied.
When an attempt to access the switch is in violation of the active access profile, the switch generates a SYSLOG message to alert the system administrator of the attempt.
After an access profile has been defined, additional rules can be added or edited by using the Defining Profile Rules page.
Use the Access Profiles page to create an access profile and to add its first rule. If the access profile only contains a single rule, you are finished. To add additional rules to the profile, use the Profile Rules page.
- Click Security > Mgmt Access Method > Access Profiles. The Access Profiles page displays.
This page displays all of the access profiles, active and inactive.
- To change the active access profile, select a profile from the Active Access Profile drop down menu and click Apply. This makes the chosen profile the active access profile.
NOTE Some 200 Series switches only support web access. The profile you define may be customized according to a set of settings provided in Access Profile entry, but ultimately will only provide web access; console or any other methods (SSH & Telnet) are not supported.
A caution message displays if you selected any other access profile, warning you that, depending on the selected access profile, you might be disconnected from the web-based switch configuration utility.
- Click OK to select the active access profile or click Cancel to discontinue the action.
- Click Add to open the Add Access Profile page. The page allows you to configure a new profile and one rule.
- Enter the parameters.
- Access Profile Name--Enter an access profile name. The access profile name can contain up to 32 characters.
- Rule Priority--Enter the rule priority. When the packet is matched to a rule, user groups are either granted or denied access to the switch. The rule priority is essential to matching packets to rules, as packets are matched on a first-match basis. One is the highest priority.
- Management Method--Select the management method for which the rule is defined. The options are:
- Action--Select the action attached to the rule. The options are:
- Applies to Interface--Select the interface attached to the rule. The options are:
- Interface--Enter the interface number if User Defined was selected.
- Applies to Source IP Address--Select the type of source IP address to which the access profile applies. The Source IP Address field is valid for a subnetwork. Select one of the following values:
- IP Version--Select the supported IP version of the source address, IPv6 or IPv4.
- IP Address--Enter the source IP address.
- Mask--Select the format for the subnet mask for the source IP address, and enter a value in one of the fields:
- Click Apply. The access profile is created, and the Running Configuration file is updated. You can now select this access profile as the active access profile.