Configuration
ExampleSecurity1:MaskDeny#2:1921#1:255access.255.1.to.5255all.255hosts exceptMask#1#2192Action:.1.1.5: DenyPermit
Since 255 is a wild card, Mask #1 blocks all IP Addresses. Mask #2 then specifically grants access to 192.1.1.5 only.
Example 2:MaskAllow#2:192192access255 only by addresses#2that beginPermitwith 192.
SinceSecurity255 is wild#1:25523card,.11. Mask..5255.2551 blocksMask#all IP132addressesAction:PermitDeny. Mask 2 then grants access to all addresses that begin with 192.
Example 3: Allow access only by addresses that begin with 192, deny access to 192. .1.
Since 255 is a wild card, Mask 1 blocks all IP addresses. Mask 2 then grants access to all addresses that begin with 192. Finally, Mask 3 specifically blocks access by 192.1.1.5.
Note:
Mask #5 has priority over the other four masks. If Mask #5 is set to deny access by "255.255.255.255" (all wild cards), all IP Addresses will be blocked, and you will not be able to access the NPS Command Mode via network. Access will only be allowed via the Console Port or Modem Port.
When using the wild card address "255.255.255.255" to block access by all IP Addresses, make certain that at least one higher priority mask permits access by your IP address.