The control plane of Cisco WAN Edge devices process the data traffic for local services like, SSH and SNMP, from a set of sources. It is important to protect the CPU from device access traffic by applying the filter to avoid malicious traffic.
Access policies define the rules that traffic must meet to pass through an interface. The below examples define rules to identify from where ssh and snmp traffic can be allowed.
Example-1 : The below configurations define sequence 10 , 15 and 20 source addresses from which SSH can be allowed and a counter_name is associated to each sequence. Seqence 25 defines from which source addresses SNMP traffic can be allowed.The default action of drop has been configured.