22
23
– Prex Length — Denes the number of bits that comprise the source IP address prex, or the network mask of the
source IP address.
Action —Denes the action attached to the access rule. The possible eld values are:
– Permit — Permits access to the device.
– Deny — Denies access to the device. This is the default.
3. Click . The access prole is saved and the device is updated.
5.1.1.2 Dening Prole Rules
Access profiles can contain up to 128 rules that determine which users can manage the switch module, and by which
methods. Users can also be blocked from accessing the device. Rules are composed of lters including:
Rule Priority
Interface
Management Method
IP Address
Prex Length
Forwarding Action
To dene prole rules:
1. Click System > Management Security > Authentication > Prole Rules. The Prole Rules Page opens:
Figure 26: Prole Rules Page
The Prole Rules Page contains the following elds:
Access Prole Name — Displays the access prole to
which the rule is attached.
Priority — Denes the rule priority. When the packet is
matched to a rule, user groups are either granted per-
mission or denied device management access. The
rule number is essential to matching packets to rules, as packets are matched on a rst-t basis.
Interface — Indicates the interface type to which the rule applies. The possible eld values are:
– Port — Attaches the rule to the selected port.
– LAG — Attaches the rule to the selected LAG.
– VLAN — Attaches the rule to the selected VLAN.
Management Method — Denes the management method for which the rule is dened. Users with this access prole
can access the device using the management method selected. The possible eld values are:
– All — Assigns all management methods to the rule.
– Telnet — Assigns Telnet access to the rule. If selected, users accessing the device using Telnet meeting access prole
criteria are permitted or denied access to the device.
– Secure Telnet (SSH) — Assigns SSH access to the rule. If selected, users accessing the device using Telnet meeting
access prole criteria are permitted or denied access to the device.
– HTTP — Assigns HTTP access to the rule. If selected, users accessing the device using HTTP meeting access prole
criteria are permitted or denied access to the device.
– Secure HTTP (HTTPS) — Assigns HTTPS access to the rule. If selected, users accessing the device using HTTPS
meeting access prole criteria are permitted or denied access to the device.
– SNMP — Assigns SNMP access to the rule. If selected, users accessing the device using SNMP meeting access
prole criteria are permitted or denied access to the device.
Source IP Address — Denes the interface source IP address to which the rule applies.