Hi, I have four PC7048s in my DMZ. External facing, Internal facing and 2 separate DMZs. All good. All working.
Since they are DMZs, I only want them to route between each other, and so have switched off SSH, HTTPS, Telnet and HTTP management so they cannot be remotely managed from those DMZ subnets.
I then plugged the OOB interfaces into my internal management switch and VLANed them accordingly. Great, I can now ping my OOB interfaces on all four. But I cannot manage them since I have disabled SSH, HTTPS, HTTP and Telnet.
If I enable them (just SSH and HTTPS), I am now able to manage the switches from the DMZ subnet on the DMZ IPs.
I thought the point of the OOB was so this didn't happen and there was isolation? If I have to globally switch on HTTPS and SSH then they're not really properly isolated (I understand that traffic from OOB cannot talk to in-band etc. - it's the fact that I have to turn on a global configuration for an isolated OOB service).
Am I missing something?
Thanks