5-30
Basic Configuration
5.9.3.1. Adding IP Addresses to the Allow and Deny Lists
To add an IP Address to the Allow or Deny list, and begin configuring the IP Security
feature, proceed as follows.
Notes:
• BoththeAllowandDenylistcanincludeLinuxoperators,wildcards,and
net/maskpairs.
• Insomecases,itisnotnecessarytoenterallfour"digits"oftheIPAddress.
Forexample,ifyouwishtoallowaccesstoallIPaddressesthatbeginwith
"192,"thenyouwouldonlyneedtoenter"192."
• TheIPSecurityConfigurationmenuisonlyavailablewhentheAdministrator
Modeisactive.
• InordertousedomainnamesintheAllowListand/orDenyList,youmust
firstdefineIPaddress(es)forthedesiredDomainNameServer(s)as
describedinSection5.9.5.
1. Access the IP Security Configuration Menu. In the Text Interface, the IP Security
menu is accessed via the Network Configuration menu. In the Web Browser
Interface, the IP Security Configuration menu is accessed via the Network
Configuration flyout menu.
2. AllowList: Enter the IP Address(es) for the clients that you wish to allow. Note that
if an IP Address is found in the Allow list, the client will be allowed to connect, and
the AFS-16 will not check the Deny list.
a) TextInterface: Note the number for the first empty field in the Allow list, then
type that number at the command prompt, press [Enter], and then follow the
instructions in the resulting submenu.
b) WebBrowserInterface: Place the cursor in the first empty field in the
parameters menu, then key in the desired IP Address, operators, wild cards,
and/or net/mask pairs.
3. DenyList: Enter the IP Address(es) for the clients that you wish to deny. Note that
if the client’s IP Address is not found in the Deny List, that client will be allowed to
connect. Use the same procedure for entering IP Addresses described in Step 2
above.