IPv6 Management Security Features
Authorized IP Managers for IPv6
| N o t e s |
|
| If you do not enter a value for the | |||||||
|
|
|
| authorized IPv6 address, the switch automatically uses | |||||||
|
|
|
| FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF as the default mask (see “Configuring | |||||||
|
|
|
| ||||||||
|
|
|
| If you have ten or fewer management and/or operator stations for which you | |||||||
|
|
|
| want to authorize access to the switch, it may be more efficient to configure | |||||||
|
|
|
| them by entering each IPv6 address with the default mask in a separate ipv6 | |||||||
|
|
|
|
|
| ||||||
|
|
|
| When used in a mask, “FFFF” specifies that each bit in the corresponding 16 | |||||||
|
|
|
| ||||||||
|
|
|
| bit (hexadecimal) block of an authorized station’s IPv6 address must be | |||||||
|
|
|
| identical to the same “on” or “off” setting in the IPv6 address entered in the | |||||||
|
|
|
| ipv6 | |||||||
|
|
|
| 1111 1111 1111 1111, where 1 requires the same “on” or “off” setting in an | |||||||
|
|
|
| authorized address.) |
|
|
|
| |||
|
|
|
| For example, as shown in Figure | |||||||
|
|
|
| of FE80::202:B3FF:FE1E:8329 with a mask of | |||||||
|
|
|
| FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF, only a station having an IPv6 address of | |||||||
|
|
|
| FE80::202:B3FF:FE1E:8329 has management access to the switch. | |||||||
|
|
|
|
|
|
|
|
|
|
| |
|
| 1st | 2nd | 3rd | 4th | 5th | 6th | 7th | 8th | Manager- or | |
|
| Block | Block Block Block Block Block | Block | Block |
| |||||
| IPv6 Mask | FFFF | FFFF | FFFF | FFFF | FFFF | FFFF | FFFF | FFFF The “FFFF” in each hexadecimal block | ||
| IPv6 Address | FE80 | 0000 | 0000 | 0000 | 202 | B3FF | FE1E | 8329 | of the mask specifies that only the exact | |
value of each bit in the corresponding block of the IPv6 address is allowed. This mask allows management access only to a station having an IPv6 address of FE80::202:B3FF:FE1E:8329.
FigureTo authorize multiple stations to access the switch without having to
As shown in Figure