Purpose
To prevent Administrator access to the GUI but still allow admin access via the CLI
Expectations, Requirements
Administrator access only via SSH CLI
Configuration
1 Create an Administrator Profile in the GUI
Verification
Results:
To prevent Administrator access to the GUI but still allow admin access via the CLI
Expectations, Requirements
Administrator access only via SSH CLI
Configuration
1 Create an Administrator Profile in the GUI
Here, you can define which access controls you require None, Read Only & Read-Write
System >> Admin Profiles >> Create New
2 Create an administrator
Create the Administrator user and apply administrator Profile created in step 1
Enable Restrict login to trusted hosts >> Define the IP ranges for admin access
System >> Administrators >> Create new
3 Create a new Object/Address
Create an IP Addresses object with the same range as admin Trusted Host (Step 2)
Policy & Objects >> Addresses >> Create new address
4 Enable local-in-policy
Finally configure the local-in policy to reject HTTP, HTTPS and TELNET. This will only allow SSH CLI access.
Verification
Results:
admin_cli has access only via CLI and not via GUI
