Dear friends,
I normally can access switches by their IP in management VLAN, however I suddenly noticed that I can SSH in to any VLAN's active gateway for example, (VLAN 32) 192.168.32.1 and 192.168.32.2 or (VLAN 24) 192.168.24.1 or 192.168.24.2....Would there be any security risks if some students logged in to a PC that connect to the production network and use SSH to access these switches although we have clearpass & Tacacs Authentication?
Is it necessary to put an Access List to block SSH access from all VLANs except Server VLAN sth? Or it is ok to leave like this?
Thanks
ML
------------------------------
Becoming a Networking Engineer
------------------------------