Secure the Routing Engine

From: Jonathan Tse (jonathantse@pacific.net.sg)
Date: Wed May 16 2001 - 18:26:17 EDT

Next message: dave o'leary: "Re: [j-nsp] ATM signaling support in CCC..."
Previous message: MarcoH: "[j-nsp] inserting default-route into ospf"
Next in thread: Aaron Dewell: "Re: Secure the Routing Engine"
Reply: Aaron Dewell: "Re: Secure the Routing Engine"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Hi all,

Cisco has specific acl to deal with the terminal (telnet, ssh) access.
Understand from Juniper's documentation that similar action can be done by
putting filter at lo0.

Q1. Does lo0 be the only interface I need to secure? e.g. can I telnet to
other interface IPs to by pass lo0 filter?

Q2. If I choose lo1 be the router ID and be the one handling routing
protocols. Should I update the filter as well?

Thanks!

Jonathan Tse,
network engineer,
Pacific Internet Singapore,
DID: 65-7710843
FAX: 8726674

Next message: dave o'leary: "Re: [j-nsp] ATM signaling support in CCC..."
Previous message: MarcoH: "[j-nsp] inserting default-route into ospf"
Next in thread: Aaron Dewell: "Re: Secure the Routing Engine"
Reply: Aaron Dewell: "Re: Secure the Routing Engine"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:42 EDT