Creating an ace – Allied Telesis AT-S63 User Manual

Chapter 28: Management Access Control List

420

Section VII: Management Security

Creating an ACE

To add a new ACE to the management ACL, perform the following
procedure:

1. From the home page, select Configuration.

2. From the Configuration menu, select the Mgmt. Security option.

3. Select the Mgmt. ACL tab.

The tab is shown in Figure 168 on page 419.

4. To add a new ACE, configure the following parameters in the Mgmt.

ACT tab:

MACL ID
Specifies an identification number for the access control entry. Every
ACE must have a unique number. The range is 1 to 256.

Mgmt. ACL IP Address
Specifies the IP address of a management workstation to be allowed
management access to the switch (for example, 149.11.11.11).
Alternatively, you can specify a subnet. You must enter an IP address.
If you enter an IP address of a specific management node, that node
will be permitted remote management access to the switch. If you
enter a subnet, any management node in the subnet will be permitted
remote management access to the switch.

Mgmt. ACL IP Mask
Specifies a mask that indicates the parts of the IP address the switch
should filter on. A binary “1” indicates the switch should filter on the
corresponding bit of the address, while a “0” indicates that it should
not. If you are filtering on a specific IP address, use the mask
255.255.255.255. If you are filtering on a subnet, the mask will depend
on the address. For example, to allow all management workstations in
the subnet 149.11.11.0 to manage the switch, you would enter the
mask 255.255.255.0.

Application
Specifies the application the management station can use to manage
the switch. You can select more than one by holding down the Shift
key when making the selections. The options are:

Telnet - Allows Telnet management.

Web - Allows web browser management.

Ping - Allows the management workstation to ping the switch.

All - Allows all of the above.