Alcatel Carrier Internetworking Solutions Omni Switch/Router User Manual

Secure Switch Access

Page 8-5

Create

This option allows you to create a new filter in the secure access database. The following is a
sample display:

Create Filter
------------------
Enter Filter Name:

Enter IP Address ( [a.b.c.d] ) :
Enter MAC Address ( [XXYYZZ: AABBCC] ) :
Is this MAC in Canonical or Non-Canonical (C or N) [C] :
Enter Slot :
Enter Port :

After you have created a filter, the information is automatically saved in the secure access
database, and the

secdefine

submenu re-displays. To review your new configuration, simply

select the list (

l

) option. Descriptions of the fields are as follows:

Enter Filter Name:

The name of the new filter. The name is required and must be at least one

character long and no more than 25 characters.

Enter IP Address ( [a.b.c.d] ):

The allowed

IP

address. The address must be in the displayed

format

( [a.b.c.d] ).

If you enter a value here, the user may access the switch only from this IP

address. If you leave this field blank, a value of

ANY

will display in the secure access list,

allowing access to the switch from any

IP

address.

Enter MAC Address

(

( [XXYYZZ: AABBCC] )

): The allowed

MAC

address. The address must be in

the displayed format (

( [XXYYZZ: AABBCC] )

). If you enter a value here, a user may access the

switch only from this source

MAC

address. If you leave this field blank, a value of

ANY

will

display in the secure access list, allowing this user access to the switch from any

MAC

address.

Is this MAC in Canonical or Noncanonical (C or N) [C] :

The format of the specified

MAC

address.

Typically, ethernet

MAC

addresses are in canonical format while token ring and addresses are

in noncanonical format. The default is canonical

(C)

. This parameter is not required.

Enter Slot

: The module on the switch receiving data from the specified IP or

MAC

address. If

you leave this field blank, a value of

ANY

will display in the secure access list, allowing data

from the specified IP or

MAC

address to be sent through any module on the switch.

Enter Port

: The port on the module receiving data from the specified IP or

MAC

address. If you

enter a value here, you should also specify a slot in the above field. If you leave this field
blank, a value of

ANY

will display in the secure access list, allowing data from the specified IP

or

MAC

address to be sent through any port on the module (if one is specified) or on the

switch (if no slot is specified).

Delete

This option allows you to delete a filter from the secure access list. The screen displays simi-
lar to the following:

Delete Filter
------------------
Enter Filter Name:

If you enter a filter name here, that filter will be immediately deleted from the secure access
database.