5-17
Confi guration
Example 1: Deny access to all hosts except 192.1.1.5:
Security Mask #1: 255.255.255.255 Mask #1 Action: Deny
Security Mask #2: 192.1.1.5 Mask #2 Action: Permit
Since 255 is a wild card, Mask #1 blocks all IP Addresses. Mask #2 then
specifically grants access to 192.1.1.5 only.
Example 2: Allow access only by addresses that begin with 192.
Security Mask #1: 255.255.255.255 Mask #1 Action: Deny
Security Mask #2: 192.255.255.255 Mask #2 Action: Permit
Since 255 is a wild card, Mask 1 blocks all IP addresses. Mask 2 then
grants access to all addresses that begin with 192.
Example 3: Allow access only by addresses that begin with 192, deny
access to 192.1.1.5.
Security Mask #1: 255.255.255.255 Mask #1 Action: Deny
Security Mask #2: 192.255.255.255 Mask #2 Action: Permit
Security Mask #3: 192.1.1.5 Mask #3 Action: Deny
Since 255 is a wild card, Mask 1 blocks all IP addresses. Mask 2 then
grants access to all addresses that begin with 192. Finally, Mask 3
specifically blocks access by 192.1.1.5.
Note:
• Mask #5 has priority over the other four masks. If Mask #5 is
set to deny access by "255.255.255.255" (all wild cards), you
will not be able to access IPS Command Mode via network.
Access will only be allowed via a Local PC or external modem
connected to the IPS Console Port.
• When using the wild card address "255.255.255.255", make
certain that at least one higher priority mask permits access by
your IP address.