In PMP450, we can limit access to HTTP, Telnet, etc Management Interfaces using the “IP Access Filtering” settings on the Security Configuration tab.
On ePMP, there is no way to accomplish the same thing. The firewall could be used if the IP address of the SM were static and known, but since we use DHCP for assigning IP addresses and they are dynamic, the firewall cannot be used in its current state. In Bridge Mode, using the firewall to block all incoming port 80, 23, etc would block not just management access but customer traffic on those ports, if they are using them.
We would like either an “IP Access Filtering” section in ePMP or for firewall to be able to block traffic to the SM separate from traffic going through the SM (input chain vs forward chain in iptables speak).