> -----Original Message----- > From: Chris Kawchuk [mailto:juniperd...@gmail.com] > Sent: Sunday, April 03, 2011 5:41 PM > To: Jesus Alvarez > Cc: juniper-nsp; Stefan Fouant > Subject: Re: [j-nsp] Changing SSH port on EX switches, M routers > > Ok, it may appear that I was advocating "security by obscurity", hence > here's an example of a 'correct' way of doing things: =) > > policy-options { > /* Put your known IPs here to allow them through */ > prefix-list management-ips { > 1.2.3.4/32; > 2.3.4.5/32; > 3.4.5.6/32; > } > }
Thanks for inclusion of the inbound-prefix ACLs for completeness of the discussion. For the record, the comment wasn't directed at you, but rather the direction of the thread. Stefan Fouant, CISSP, JNCIEx2 www.shortestpathfirst.net GPG Key ID: 0xB4C956EC _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp