SSH Access Control List

Overview

The SSH Access Control List (ACL) feature allows or restricts SSH access to the zWAN edge controller. SSH ACL configuration can be managed through the provider interface and is useful for controlled, restricted access to the device, especially for debugging purposes. SSH access can also be fully disabled if necessary.

Functionality

SSH access can be restricted based on several criteria:

1. IP: Limit access to specific IP addresses.
2. Subnets: Grant SSH access to specific subnets or domains.
3. Interfaces: Restrict SSH access to specific network interfaces.

The image below illustrates the SSH ACL configuration interface for the zWAN edge device:

Result

Once configured, permitted IPs, subnets, or interfaces appear in the corresponding sections on the interface. By default, all connections are allowed if the SSH ACL is not enabled. When enabled, only traffic from specified IPs, subnets, or interfaces will be permitted to access the edge controller.

Known Limitations

• Subnet Validation: The system does not validate subnet entries, so users must ensure they enter correct subnet details.
• IPv6 Support: IPv6 addresses are not validated.