Browsed by
Tag: audit

VTY ACLs don't block HTTP/S access

VTY ACLs don't block HTTP/S access

I was doing some testing on a 3750X and saw that the http and http services were enabled. I knew that you could apply an ACL to restrict HTTP access, but had assumed that the HTTP security was an optional extra on top of the VTY ACL. I tested this … and found out I was wrong. Although http(s) uses the same inband access path as SSH, web admin is not restricted in any way by VTY ACLS. This will be quite obvious to…

Read More Read More