Good day
Hoping to find some assistance with best practices to secure ssh/snmp access to
router running VyOS.
running 1.1.5?, there does not seem to be an option to apply a firewall on
interface lo:
# set interfaces loopback lo
Possible completions:
+ address IP address
description Description
> ip IPv4 routing parameters
> ipv6 IPv6 routing parameters
redirect Incoming packet redirection destination
> traffic-policy
Traffic-policy for interface
[edit]
Since a lot of the management devices connect to the router via it's FQDN,
(which typically points to the lo address, as this will be available via any
interface), we require the SSHD to listen on this address.
Other than configuring a firewall on each and every interface, are there any
better ways to limit the address range of devices that are allowed to access
the router via ssh/snmp ?
Regards
Dave
_______________________________________________
Vyos-developers mailing list
[email protected]
http://lists.tuxis.nl/listinfo/vyos-developers
