Casio ACS V6000 manual Hosts, Firewall, To add a host, To edit a host, Configuring the firewall

Page 28

Chapter 3: Accessing a Virtual Console Server via the Web Manager 23

4.Enter the IP address of the gateway in the Gateway field.

5.Enter the number of hops to the destination in the Metric field, then click Save.

Hosts

An administrator can configure a table of host names, IP addresses and host aliases for the local network.

To add a host:

1.Select Network - Hosts.

2.Click Add to add a new host.

3.Enter the IP address, hostname and alias of the host you want to add, then click Save.

To edit a host:

1.Select Network - Hosts.

2.Click on the IP address of the hostname you want to edit.

3.Enter a new hostname and alias, as applicable, then click Save.

Firewall

Administrators can configure the virtual console server to act as a firewall. By default, three built-in chains accept all INPUT, FORWARD and OUTPUT packets. Select the Add, Delete or Change Policy buttons to add a user chain, delete user added chains and to change the built-in chains policy. Default chains can have their policy changed (Change Policy) to accept or drop, but cannot be deleted. Clicking on the Chain Name allows you to configure rules for chains.

Firewall configuration is available by clicking on Network - Firewall. Separate but identical configuration screens are available from either the IPv4 Filter Table or IPv6 Filter Table menu options.

Only the policy can be edited for a default chain; default chain policy options are ACCEPT and DROP.

When a chain is added, only a named entry for the chain is created. One or more rules must be configured for a chain after it is added.

Configuring the firewall

For each rule, an action (either ACCEPT, DROP, RETURN, LOG or REJECT ) must be selected from the Target pull-down menu. The selected action is performed on an IP packet that matches all the criteria specified in the rule.

Image 28

Contents ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Features and Benefits Access optionsIPv4 and IPv6 support Web ManagerFlexible users and groups Authentication SecurityVPN based on IPSec with NAT traversal Packet filteringData logging, notifications, alarms and data buffering Auto discoveryTo create the virtual machine using the vSphere client ACS v6000 virtual console server requirementsPage Using Telnet or SSH To use Telnet to connect to a device through a serial port # telnet hostname IPaddressTo close a Telnet session To use SSH to connect to a device through a serial portTo close an SSH session ACS v6000 Installation/Administration/User Guide Web Manager Overview for Administrators To log into the web managerWizard Mode Wizard Screen To configure licenses To configure network parametersTo configure Ports Expert Mode AccessTo configure users and change the default user passwords To view and connect to devices using the web managerSystem System ToolsSecurity profiles To configure DSView 3 software security settings To configure the Security ProfileSelect System Security Security Profile Date and Time Help and LanguageInformation VM SettingsUsage To add an association by Datacenter To configure a vCenterVCenter Network To power control targets using the web managerLicense Settings To configure a network deviceDevices IPv4 and IPv6 static routesConfiguring the firewall HostsFirewall To add a hostProtocol options To add a chainTo change the policy for a default chain IPSecVPNTo add a rule To edit a rulePayload or AH Authentication Header To configure Snmp Snmp ConfigurationClick Network Snmp To enable or disable one or more serial ports PortsSerial ports Select Ports Serial PortsCAS Ctrl-X Parameter Description CAS Profile To copy/clone the configuration of one port to other portsAuto discovery Select Probe Strings or Match Strings To configure the input/output strings used by auto answerSelect Ports CAS Profile Auto Answer Pool of CAS ports To configure a pool of CAS portsClick Ports Pool of CAS Ports Authentication Pool of CAS Ports Parameters Parameter DescriptionAppliance authentication Authentication serversTo set authentication for the console server To configure a Radius authentication serverTo configure a TACACS+ authentication server Select Authentication Authentication Servers TACACS+To configure an Ldapsad authentication server Select Authentication Authentication Servers LdapsadTo configure a Kerberos authentication server To configure an NIS authentication serverTo configure a DSView authentication server Users Accounts and User GroupsLocal accounts To add new usersTo configure password rules Click Users Local Accounts Password RulesAdmin group User groupsTo view admin Appliance Access Rights Appliance-admin group Shell-login-profileUser group Managing user groupsCheck the Enable Log-In Profile box To configure a login profile for a user groupTo remove members from a user group To add access to serial ports for a user group To assign appliance access rights for custom user groupsTo configure a group in a TACACS+ authentication server To configure a group in a Radius authentication serverEvent List Event NotificationsEvent Destinations Data Buffering To configure Data BufferingSelect Events and Logs Data Buffering To configure Appliance Logging Active SessionsMonitoring Appliance LoggingChange Password To change your own passwordSelect Change Password Web Manager Overview for Regular UsersACS v6000 Installation/Administration/User Guide Appendix a BootP Configuration Retrieval ConfigurationTo resolve an issue Appendix B Technical SupportFor Technical Support