How to block console access to Mobility Controllers?

Aruba Employee
Requirement:

The Controllers should be running minimum AOS: 6.5.x or above



Solution:

Starting from AOS: 6.5.x a new feature "Disable Console Access" has been introduced. The purpose of this command is to introduce an ability to lock down all console ports, for example, micro USB, mini USB on the controller to enable high level security.

Note

With this feature only console access over serial port, USB, and mini USB will be blocked. SSH/ telnet are still allowed.



Configuration:

To Enable:

(Aruba-Master) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z

(Aruba-Master) (config) #mgmt-user console-block
PLEASE SAVE THE CONFIGURATION. CONSOLE WILL BE BLOCKED ONCE USER LOGS OUT FROM SERIAL-CONSOLE.

 

To Disable:

(Aruba-Master) #configure terminal
Enter Configuration commands, one per line. End with CNTL/Z

(Aruba-Master) (config) #no mgmt-user console-block

 



Verification

The following command shows the status of the console access if is "Blocked or Unblocked"

(Aruba-Master7240) #show mgmt-user console

Serial Console Access:  Blocked

 

When we try to console in to controller when Console Access is enabled:

User: admin
Password: ********
Console access blocked
User:
Version history
Revision #:
2 of 2
Last update:
‎03-27-2017 03:45 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: