Western Telematic IPS-400 Switch User Manual


 
5-17
Confi guration
Example 1: Deny access to all hosts except 192.1.1.5:
Security Mask #1: 255.255.255.255 Mask #1 Action: Deny
Security Mask #2: 192.1.1.5 Mask #2 Action: Permit
Since 255 is a wild card, Mask #1 blocks all IP Addresses. Mask #2 then
specifically grants access to 192.1.1.5 only.
Example 2: Allow access only by addresses that begin with 192.
Security Mask #1: 255.255.255.255 Mask #1 Action: Deny
Security Mask #2: 192.255.255.255 Mask #2 Action: Permit
Since 255 is a wild card, Mask 1 blocks all IP addresses. Mask 2 then
grants access to all addresses that begin with 192.
Example 3: Allow access only by addresses that begin with 192, deny
access to 192.1.1.5.
Security Mask #1: 255.255.255.255 Mask #1 Action: Deny
Security Mask #2: 192.255.255.255 Mask #2 Action: Permit
Security Mask #3: 192.1.1.5 Mask #3 Action: Deny
Since 255 is a wild card, Mask 1 blocks all IP addresses. Mask 2 then
grants access to all addresses that begin with 192. Finally, Mask 3
specifically blocks access by 192.1.1.5.
Note:
Mask #5 has priority over the other four masks. If Mask #5 is
set to deny access by "255.255.255.255" (all wild cards), you
will not be able to access IPS Command Mode via network.
Access will only be allowed via a Local PC or external modem
connected to the IPS Console Port.
When using the wild card address "255.255.255.255", make
certain that at least one higher priority mask permits access by
your IP address.