BDCOM. Restricting access to the web interface

I’ll give an example of how to allow connections to the BDCOM OLT web interface only from specified IP addresses; in a similar way, you can limit other traffic to the OLT, as well as traffic passing to users through the OLT.

Let’s connect to the device and go to configuration mode:


Let’s create an extended access list in which we will allow addresses and to connect on port 80 (www) to (this is the IP address of the OLT), then we will prohibit all other http traffic up to and allow all non-http:

ip access-list extended OPERATOR
permit tcp eq www
permit tcp eq www
deny tcp any eq www
permit ip any any

After creating the access list, it must be applied to the desired interface, since the OLT IP address in my case was assigned to the VLAN207 interface, then I applied to it:

interface VLAN207
ip access-group OPERATOR in

Now you can start the web server and save the changes:

ip http server
write all

See also my articles:
BDCOM. Adding a user with limited rights

Leave a comment

Leave a Reply