Manuals / Western Telematic / Computer Equipment / Switch

Western Telematic AFS-16-1 manual Basic Configuration

Models: AFS-16-1

1 135

Download 135 pages 23.28 Kb

Page 51

Basic Configuration

5.9.3.1. Adding IP Addresses to the Allow and Deny Lists

To add an IP Address to the Allow or Deny list, and begin configuring the IP Security feature, proceed as follows.

Notes:

•Both the Allow and Deny list can include Linux operators, wild cards, and net/mask pairs.

•In some cases, it is not necessary to enter all four "digits" of the IP Address. For example, if you wish to allow access to all IP addresses that begin with "192," then you would only need to enter "192."

•The IP Security Configuration menu is only available when the Administrator Mode is active.

•In order to use domain names in the Allow List and/or Deny List, you must first define IP address(es) for the desired Domain Name Server(s) as described in Section 5.9.5.

1.Access the IP Security Configuration Menu. In the Text Interface, the IP Security menu is accessed via the Network Configuration menu. In the Web Browser Interface, the IP Security Configuration menu is accessed via the Network Configuration flyout menu.

2.Allow List: Enter the IP Address(es) for the clients that you wish to allow. Note that if an IP Address is found in the Allow list, the client will be allowed to connect, and the AFS-16 will not check the Deny list.

a)Text Interface: Note the number for the first empty field in the Allow list, then type that number at the command prompt, press [Enter], and then follow the instructions in the resulting submenu.

b)Web Browser Interface: Place the cursor in the first empty field in the parameters menu, then key in the desired IP Address, operators, wild cards, and/or net/mask pairs.

3.Deny List: Enter the IP Address(es) for the clients that you wish to deny. Note that if the client’s IP Address is not found in the Deny List, that client will be allowed to connect. Use the same procedure for entering IP Addresses described in Step 2 above.

5-30

Image 51

Western Telematic AFS-16-1 manual Basic Configuration

Contents

AFS-16-1 Secure Racking Shock Hazard Do Not Enter Lithium BatteryTwo Power Supply Cables Disconnect Power Table of Contents Basic Configuration Telnet & SSH Functions Upgrading AFS-16 Firmware Command Reference Guide Vii List of FiguresIntroduction Security and Co-Location FeaturesBold Font Typographic ConventionsEnvironmental Monitoring and Management WTI Management UtilityDual Power Supply Module  Power Switch and on IndicatorUnit Description Control Module Control ModuleUnit Description Circuit Module Circuit ModuleApply Power to the AFS-16 Getting StartedConnect Your PC to the AFS-16 Communicating with the AFS-16 Fallback Switching Text Interface Fallback SwitchingFallback Switching Web Browser Interface Hardware Installation Connecting the Power Supply CablesConnecting the Network Cable Connecting an External Modem Optional Connecting a Local Control DeviceControl Module SetUp Module Set UpA/C/B Connectors Circuit Module Set UpBasic Configuration Communicating with the AFS-16 UnitText Interface Web Browser Interface Access Via PDA Configuration Menus Defining System Parameters Basic Configuration Real Time Clock and Calendar Invalid Access Lockout Feature Log Configuration Web Browser Interface Callback Security Basic Configuration Scripting Options Basic Configuration User Accounts Command Access LevelsGranting Circuit Module Access Managing User Accounts Viewing User AccountsAdding User Accounts Basic Configuration Deleting User Accounts Modifying User AccountsCircuit Configuration Viewing Circuit Groups Circuit Group DirectoryAdding Circuit Groups Modifying Circuit GroupsDeleting Circuit Groups 1. RS232 Port Modes Serial Port ConfigurationSerial Port Configuration Menu Communication SettingsPort Mode Parameters Network Configuration Network Port Parameters Network Parameters Basic Configuration IP Security Basic Configuration Net/Mask Pairs ExceptDomain Name Server Static RouteSnmp Access Parameters Snmp Trap Parameters Ldap Parameters Group Membership Value Type Default = DN Basic Configuration Tacacs Parameters Basic Configuration Radius Parameters Example WTI-Circuit-Access=0101WTI-Group-Access=111000 WTI-Super=2Email Messaging Parameters Save User Selected Parameters Restore ConfigurationAdding Ping-No-Answer Profiles Ping-No-Answer Fallback SwitchingPing-No-Answer Fallback Switching Viewing Ping-No-Answer Profiles Modifying Ping-No-Answer ProfilesDeleting Ping-No-Answer Profiles Alarm Configuration Output Contacts Control Module AUX Connector Output ContactsOver Temperature Alarms Alarm Configuration Ping-No-Answer Alarm Configuring the Ping-No-Answer AlarmDefining Ping-No-Answer IP Addresses Alarm Configuration Invalid Access Lockout Alarm Alarm Configuration Power Cycle Alarm Monitor/Alarm Input Alarm Configuration High Low Monitor Input Level SettingsAlarm Configuration Status Screens Product StatusNetwork Status Screen Circuit Status Screen Circuit Group Status Screen Audit Log Event LogsTemperature Log Alarm LogA/B Switching Web Browser Interface OperationCircuit Control Screen Web Browser Interface Circuit Group Control Screen Web Browser Interface Operation Circuit Status Screen Text Interface A/B Switching Text Interface2. A/B Switching Commands Text Interface TA 1 Enter or /TA Datacenter EnterTB 2 Enter or /TB Servers Enter TA 13 Enter B Enter or /T SERVERS,A EnterTA ROUTER,Y or /T 2,B,Y TB 1+3+4 Enter +3+4,B EnterManual Operation Logging Out of Command Mode10-1 Telnet & SSH FunctionsSSH Encryption Enter10-2 Creating an Outbound Telnet ConnectionTelnet ip port raw Enter Telnet 255.255.255.255 2000 raw EnterSSH 255.255.255.255 -l employee Enter Creating an Outbound SSH ConnectionSSH ip -l username Enter UsernameConfiguration Syslog Messages11-1 11-2 Testing Syslog Configuration12-1 Snmp Traps12-2 Testing the Snmp Trap FunctionOperation via Snmp AFS-16 Snmp Agent SNMPv3 Authentication and EncryptionConfiguration via Snmp UserTableuserAccessLevel Account access levelDeleting Users Viewing UsersAdding Users Modifying Users13-3 Circuit Control via SnmpControlling Circuits Controlling Circuit GroupsUnit Environment Status Viewing AFS-16 Status via SnmpCircuit Status 15513-5 Sending Traps via Snmp14-1 Setting Up SSL Encryption14-2 Creating a Self Signed Certificate14-3 Creating a Signed Certificate14-4 Downloading the Server Private KeySaving and Restoring Configuration Parameters Sending Parameters to a File15-1 15-2 Restoring Saved Parameters15-3 Restoring Previously Saved Parameters16-1 Upgrading AFS-16 Firmware16-2 17-1 Command Reference GuideCommand Conventions TA * Enter17-2 Command SummaryDisplay Network Status Command SetDisplay Circuit Status Screen Display Circuit Group Status ScreenConnect Exit Command ModeLog Functions Display Site ID / Unit InformationTB 2+3,Y Enter Toggle to a PositionTA 2+3,Y Enter Toggle to B PositionSend Parameters to File Toggle CommandSet All Circuits to Default States +3,A,Y EnterFormat /TELNET ip port raw Enter Unlock Port Invalid Access LockoutSend SSH Key Telnet Outbound TelnetSet Serial Port Parameters SSH Outbound SSHFormat /SSH ip -l username Enter Set System ParametersNetwork Port Parameters PNA Configure Ping-No-Answer FunctionAlarm Configuration Parameters Circuit Group ParametersReboot System Default Upgrade FirmwareTest Test Network Parameters Serial Port RS232 When connectedWhen not connected Appendix A. Interface DescriptionApx-2 Appendix B. SpecificationsSwitching Physical/EnvironmentalApx-3 Appendix C. Customer ServiceTrademark and Copyright Information Trademarks and Copyrights Used in this ManualApx-4 Index-1 IndexRadius CLI Index-2Ldap Index-3Tacacs Index-4NTP Index-5Index-6 Snmp Index-7SNMPV3 Index-8