BigIron RX Series Configuration Guide 6953-1001986-01Restricting remote access to management functions 4BigIron RX(config)# ip ssh client 209.157.22.39Syntax: [no] ip ssh client Restricting Web Management access to a specific IP addressTo allow Web Management access to the device only to the host with IP address 209.157.22.26,enter the following command.BigIron RX(config)# web client 209.157.22.26Syntax: [no] web client Restricting SNMP access to a specific IP addressTo allow SNMP access (which includes IronView Network Manager) to the device only to the hostwith IP address 209.157.22.14, enter the following command.BigIron RX(config)# snmp-client 209.157.22.14Syntax: [no] snmp-client Restricting all remote management access to a specific IP addressTo allow Telnet, Web, and SNMP management access to the device only to the host with IP address209.157.22.69, you can enter three separate commands (one for each access type) or you canenter the following command.BigIron RX(config)# all-client 209.157.22.69Syntax: [no] all-client Specifying the maximum number of login attempts forTelnet accessIf you are connecting to the device using Telnet, the device prompts you for a username andpassword. By default, you have up to 3 chances to enter a correct username and password. If youdo not enter a correct username or password after 3 attempts, the device disconnects the Telnetsession.You can specify the number of attempts a Telnet user has to enter a correct username andpassword before the device disconnects the Telnet session. For example, to allow a Telnet user upto 3 chances to enter a correct username and password, enter the following command:BigIron RX(config)# telnet login-retries 5Syntax: [no] telnet login-retries You can specify from 0 – 3 attempts. The default is 3 attempts.Restricting remote access to the device to specific VLAN IDsYou can restrict management access to a device to ports within a specific port-based VLAN.VLAN-based access control applies to the following access methods:• Telnet access