Chapter 6. Administration of the Telecommuting Module
No.
The No. field determines the order of the lines. The order is important in deciding what is logged and warned for. The Telecommuting Module uses the first line that matches the configuration traffic.
Perhaps you want to configure the Telecommuting Module so that configuration traffic from one specific computer is simply logged while traffic from the rest of that computer’s network is both logged and generates alarms.
The rules are used in the order in which they are listed, so if the network is listed first, all configuration traffic from that network is both logged and generates alarms, including the traffic from that individual computer. But if the individual computer is listed on a separate line before the network, that line will be considered first and all configuration traffic from that computer is only logged while the traffic from the rest of the computer’s network is both logged and generates alarms.
DNS Name Or Network Address
Enter the DNS name or IP address of the computer or network from which the Telecommut- ing Module can be configured. Avoid allowing configuration from a network or computer on the Internet or other insecure networks, or use HTTPS or IPsec to connect to the Telecom- muting Module from these insecure networks.
Network address
Shows the network address of the DNS Name Or Network Address you entered in the previous field.
Netmask/Bits
Netmask/Bits is the mask that will be used to specify the configuration computers. See chapter 3 of the User Manual for instructions on writing the netmask. To limit access so that only one computer can configure, use the netmask 255.255.255.255. You can also specify the netmask as a number of bits, which in this case would be 32. To allow configuration from an entire network, you must enter the network address under Network address, and a netmask with a lower number here. To allow configuration from several computers or networks, create several lines for the information.
Range
The Range shows all IP addresses from which the Telecommuting Module can be config- ured. The range is calculated from the configuration under DNS Name Or Network Ad- dress and Netmask/Bits. Check that the correct information was entered in the DNS Name Or Network Address and Netmask/Bits fields.
Via IPsec Peer
Here, you can select an IPsec Peer from which this connection must be made. If an IPsec peer is selected, you will only be able to configure the Telecommuting Module from this IP address through an IPsec tunnel.
50