IPv6 Management Security Features
Authorized IP Managers for IPv6
Configuring Authorized IP Managers for Switch Access
To configure one or more IPv6-based management stations to access the
switch using the Authorized IP Managers feature, enter the ipv6 authorized-
managers command
Syntax: ipv6 authorized-managers <ipv6-addr> [ipv6-mask] [access <operator |
Configures one or more authorized IPv6 addresses to access
the switch, where:
ipv6-mask specifies the mask that is applied to an IPv6 address
to determine authorized stations. For more information, see
“Using a Mask to Configure Authorized Management Stations”
access <operator | manager> specifies the level of access privilege
granted to authorized stations and applies only to Telnet,
SNMPv1, and SNMPv2c access. Default: Manager.
Note: The Authorized IP Manager feature does not support the
configuration of access privileges on authorized stations that
use an SSH, SNMPv3, or the web browser session to access the
switch. For these sessions, access privilege is configured with
the access application.
Using a Mask to Configure Authorized Management
The ipv6-mask parameter controls how the switch uses an IPv6 address to
determine the IPv6 addresses of authorized manager stations on your net-
work. For example, you can specify a mask that authorizes:
■ Single station access
■ Multiple station access
Note Mask configuration is a method for determining the valid IPv6 addresses that
are authorized for management access to the switch. In the Authorized IP
Managers feature, the mask serves a different purpose than an IPv6 subnet
mask and is applied in a different manner.
Configuring Single Station Access
To authorize only one IPv6-based station for access to the switch, enter the
IPv6 address of the station and set the mask to