1101 and 1102 Secure Device Servers
Add other network host
To add any other type of network host with the following details:
IP address/ DNS name | 192.168.3.10 |
Host name | OfficePC |
Description | MyPC |
Allowed sevices | ssh port 22,https port 443 |
log level for services | 1 |
Issue the commands below. If the Host is not a PDU or UPS power device or a server with IPMI power control, then leave the device type blank:
#config
#config
#config
#config
#config
#config
#config
#config
If you want to add the new host as a managed device, make sure you use the current total number of managed devices + 1, for the new device number.
To get the current number of managed devices:
# config -g config.devices.total
Assuming we already have one managed device, our new device will be device 2. Issue the following commands:
#config
#config
#config
#config
#config
The following command will synchronize the live system with the new configuration:
#config –hosts
14.7Trusted Networks
You can further restrict remote access to serial ports based on the source IP address. To configure this via the command line, you need to do the following:
Determine the total number of existing trusted network rules. If you have no existing rules, you can assume this is 0.
# config -g config.portaccess.total
This command should display config.portaccess.total 1
Note that if you see config.portaccess.total this means you have 0 rules configured.
Your new rule will be the existing total plus 1. So if the previous command gave you 0, then you start with rule number 1. If you already have 1 rule, your new rule will be number 2, etc.
If you want to restrict access to serial port 5 to computers from a single class C network (192.168.5.0 for example), you need to issue the following commands (assuming you have a previous rule in place).
Add a trusted network:
#config
#config
#config
#config
#config
126 |
