IPv6 Management Security Features

Authorized IP Managers for IPv6

The next IPv6 command authorizes operator-level access for sixty-four IPv6 stations: thirty-two stations in the subnets defined by 0x0006 and 0x0007 in the fourth block of an authorized IPv6 address:

ProCurve(config)# ipv6 authorized-managers 2001:db8:0000:0007:231:17ff:fec5:c967 ffff:ffff:ffff:fffe:ffff:ffff:ffff:ffe0 access operator

The following ipv6 authorized-managerscommand authorizes a single, automat- ically generated (EUI-64) IPv6 address with manager-level access privilege:

ProCurve(config)# ipv6 authorized-managers ::223:04ff:fe03:4501 ::ffff:ffff:ffff:ffff

Editing an Existing Authorized IP Manager Entry. To change the mask or access level for an existing authorized IP manager entry, enter the IPv6 address with the new value(s). Any parameters not included in the command are reset to their default values.

The following command replaces the existing mask and access level for IPv6 address 2001:DB8::231:17FF:FEC5:C967 with FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00 and operator:

ProCurve(config)# ipv6 authorized-managers 2001:db8::231:17ff:fec5:c967 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00 access operator

The following command replaces the existing mask and access level for IPv6 address 2001:DB8::231:17FF:FEC5:3E61 with FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF and manager (the default values). Note that it is not necessary to enter either of these parameters:

ProCurve(config)# ipv6 authorized-managers 2001:db8::a05b:17ff:fec5:3f61

Deleting an Authorized IP Manager Entry. Enter only the IPv6 address of the configured authorized IP manager station that you want to delete with the no form of the command; for example:

ProCurve(config)# no ipv6 authorized-managers 2001:db8::231:17ff:fec5:3e61

6-14

Page 142
Image 142
HP IPv6 5400zl, IPv6 6200yl, IPv6 2900, IPv6 3500yl manual IPv6 Management Security Features