in the dist-sw all the GW for all the data subnets are there so when type in putty ssh the GW-IP for any subnet or in the browser https://GW-IP it will show the login page, my goal to cancel that from all the subnet and restrict that to only one subnet
both https server and ssh server are configured like this,
ssh server vrf default
ssh server vrf mgmt
https-server vrf mgmt
what shoul be done so that only the admin workstations ( only one subnet) and nothing else can access Dist-SW?