Limiting OAMP Access to a Specific WAN Interface

You can limit the access of OAMP applications (such as HTTP, HTTPS, Telnet, and SSH) to a specific WAN interface. This OAMP-interface binding can then be associated with a Virtual Routing and Forwarding (VRF).

➢

To limit OAMP access on a specific WAN interface, through CLI.

1.

Enable WAN management access for specific OAMP applications, using any of the following commands:

(config-system)# cli-terminal

(cli-terminal)# wan-ssh-allow | wan-telnet-allow | wan-snmp-allow | wan-http-allow | wan-https-allow

2.

Define the WAN interface for the OAMP applications, using the OAMPWanInterfaceName ini file parameter or the following CLI command:

(config-system)# bind interface <interface> <slot/port.vlanId> oamp

(config-system)# bind vlan <vlanId> oamp

The following example enables WAN access for Telnet on interface GigabitEthernet 0/0.4 (GigabitEthernet 0/0.4 may be associated with a VRF):

(config-system)# cli-terminal
(cli-terminal)# wan-telnet-allow on
(cli-terminal)# exit
(config-system)# bind interface GigabitEthernet 0/0.5 oamp

➢

To define the WAN OAMP interface using the Web interface:

1.

Open the Web Settings page (see Configuring Secured (HTTPS) Web).

2.

From the 'WAN OAMP Interface' drop-down list, select the required WAN interface.

3.

Click Apply.