Lindy CPU IP Access Switch Plus Setting IP access control, To reorder access control entries

Page 50

Setting IP access control

The golden rule with this feature is ‘Include before you exclude’ or to put it another way ‘Arrange allowed addresses in the list before the denied addresses’.

This is because the positions of entries in the list are vitally important. Once a range of addresses is denied access, it is not possible to make exceptions for particular addresses within that range. For instance, if the range of addresses from A to F are denied access first, then the address C could not be granted access lower down the list. Address C needs to be placed in the list before the denied range.

To define a new IP access control entry

1 Click the Add button to display a popup dialog:



IMPORTANT: This feature should be configured with extreme caution as it is possible to deny access to everyone. If such an error occurs, see Clear IP access control for details about how to regain access.

In the list, access control addresses prefixed by ‘+’ are allow entries while those prefixed by ‘– ‘ are deny entries.

Network/Address

Enter the network address that is to be allowed or denied access. If a range of addresses is being specified then specify any one of the addresses within the range and use the Mask entry to indicate the size of the range.

Mask

Enter an IP network mask that indicates the range of addresses that are to be allowed or denied access. For instance, if only a single specified IP address were to be required, the mask entry would be 255.255.255.255 in order to specify a single location. See Calculating the mask for IP access control for details.

Access

Use the arrow buttons to select either ‘Allow’ or ‘Deny’ as appropriate.



To get here

1Using VNC viewer or a browser, log on as the ‘admin’ user.

2 Click the ‘Configure’ button in the top right corner. 3 Click the ‘Network configuration’ option.

2Enter the base network address, the mask and select the appropriate access setting.

3 Click the OK button.

To reorder access control entries

IMPORTANT: When reordering, ensure that any specific allowed addresses are listed higher in the list than any denied addresses. Take care not to invoke any deny access settings that would exclude valid users.

1In the access control list, click on the entry to be moved.

2 Click the Up or Down buttons as appropriate.

To edit/remove access control entries

1In the access control list, click on the appropriate entry.

2 Click either the Edit or Remove button as appropriate.

 



49

Page 49 Page 51
Image 50
Page 49 Page 51
Contents CPU IP Access Switch Plus Contents Index Modem/ISDN port Four simultaneous remote usersLocal user IP network/InternetCPU IP Access Switch Plus features front and rear What’s in the box What you may additionally need CD-ROMDouble unit rack brackets MountingSingle unit rack brackets  Host computer or KVM switch ConnectionsTo connect a local keyboard, video monitor and mouse Local keyboard, video monitor and mouseIP network port To connect the IP network portModem/ISDN port Power supply connectionTo connect the power supply To connect a modem or Isdn portPower control port To connect and address the switch boxesPart 1 Local configuration Initial configurationPart 1 Local configuration Part 2 Remote configurationTime and Date To perform the initial local configurationAdmin password EncryptionViewer encryption settings Encryption settingsCPU IP encryption settings EncryptionHot plugging and mouse restoration Which restore setting do I use?To restore mouse operation when hot plugging Recognising an IntelliMouse-style mouseCPU IP does not display the configuration sequence Resetting the configurationCPU IP asks for an unknown admin password To invoke a configuration reset by main menuPart 2 Remote configuration To perform the remote configurationPositioning CPU IP in the network Networking issuesPort settings Placing CPU IP behind a router or firewallDNS addressing AddressingTo discover a DHCP-allocated IP address Firewall/router addressPorts Placing CPU IP alongside the firewallEnsuring sufficient security To configure the power sequences for each host computer Power switching configurationPower control sequences Power OffPerforming a flash upgrade Important Wait until the upgrade is completeTo make a local connection Connecting to the CPU IPLocal connection To view the local control menuRemote connections To avoid the ‘hall of mirrors’ effectRemote connection by VNC viewer To connect using the VNC viewerTo connect using your Web browser Remote connection by Web browserMenu bar Using the viewer windowWhen using the viewer window Host selection ConfigureMouse pointers To select a hostAuto calibrate Access mode shared/privatePower control Re-synchronise mouseControls Contrast Setting the Threshold manuallyPhase  If you need to enter a port number Connecting via dial up modem or Isdn linkDownloading VNC viewer from the CPU IP Windows Viewer encryption settingsSupported web browsers LinuxTroubleshooting Getting assistanceAppendix 1 Local configuration menus To access the local configuration menusUnit configuration Network configuration Modem configuration Reset configuration To reset the CPU IP configurationTo clear IP access control Clear IP access controlWhat is IP access control? Auto select Appendix 2 VNC viewer connection optionsColour/Encoding Preferred encodingInputs MiscSave as defaults DefaultsReload defaults Save configuration file asAppendix 3 VNC viewer window options Security Appendix 4 Browser viewer optionsEncoding and colour level Main configuration menu Logged on users Appendix 5 Remote configuration menusTo access the remote configuration menus User accounts Firmware Version Screensaver timeoutHardware Version Host Keyboard LayoutProtocol timeout Advanced unit configurationIdle timeout Force VNC protocolIP gateway IP access controlIP network mask To reorder access control entries Setting IP access controlTo define a new IP access control entry To edit/remove access control entriesModem port Serial port configurationPower control port Host configuration To create a new host entryOccurred Click to clear All log entries Refresh Logging and statusTo copy and paste the log ListNet masks Appendix 6 Addresses, masks and portsIP addresses Binary equivalent Net masks the binary explanationInside a bit-wise and function Binary octet afterAll locations Calculating the mask for IP access controlSingle locations Address rangesSecurity issues with ports Ports4pin RJ10 Appendix 7 Cable and connector specifications6pin mini-DIN 9pin D-type FemaleAppendix 8 Hotkey sequence codes Safety information Other products in the CPU Switch rangeWarranty Safety considerations when using power switches with CPU IPFCC Compliance Statement United States Radio Frequency EnergyEuropean EMC directive 89/336/EEC USA Germany France ItaliaIndex 
Top Page Image Contents