When configuring a profile for Edge access, you must make sure to select the appropriate option for support access, SNMP access, and local web UI access under Firewall settings. By default, support access, SNMP access, and Local Web UI access are disabled for security reasons.

Procedure

  1. From the SD-WAN Orchestrator, go to Configure > Profiles > Firewall.
    configure-profile-firewall-edge-access.32
  2. Under Edge Access area, select the Log Edge Access checkbox to log all edge access.
  3. For Support Access, select Allow the following IPs option and explicitly specify the IP addresses from where you can SSH into this edge.
  4. For SNMP Access from routed interface/WAN, choose Allow All LAN or Allow the following IPs option if the SNMP servers are in the LAN.
  5. For Local Web UI Access from routed interface/WAN, choose Allow All LAN or Allow the following IPs.
  6. In the Local Web UI Port Number text box, enter the port number of the local web UI.
  7. Click Save Changes.

Results

What to do next

If you want to override the edge access settings for a specific edge, use Enable Edge Override option available on the Edge Firewall page. For related information, see Configure Firewall for Edges