Creating an ace – Allied Telesis AT-S62 User Manual

Chapter 29: Management Access Control List

364

Section VII: Management Security

Creating an ACE

To create a new ACE, perform the following procedure:

1. From the Home Page, select Configuration.

2. Select the Mgmt Security menu option.

The Mgmt ACL tab is shown in Figure 119. ACEs already existing in
the Management ACL are listed in the middle section of the tab.

3. To add a new ACE, configure the following parameters in the Mgmt.

ACT tab:

MACL ID
Enter an identification number for the access control entry. Every ACE
must have a unique number. The range is 1 to 256.

Mgmt. ACL IP Address
Enter the IP address of a management workstation you want to allow
to manage the switch (for example, 149.11.11.11). Alternatively, you
can specify a subnet. You must enter an IP address. If you enter an IP
address of a specific management node, then that node will be
permitted remote management access to the switch. If you enter a
subnet, any management node in the subnet will be permitted remote
management access to the switch.

Mgmt. ACL IP Mask
Enter a mask that indicates the parts of the IP address the switch
should filter on. A binary “1” indicates the switch should filter on the
corresponding bit of the address, while a “0” indicates that it should
not. If you are filtering on a specific IP address, use the mask
255.255.255.255. If you are filtering on a subnet, the mask will depend
on the address. For example, to allow all management workstations in
the subnet 149.11.11.0 to manage the switch, you would enter the
mask 255.255.255.0.

Application
Specify the application you want the management station to be able to
use to manage the switch. You can select more than one by holding
down the Shift key when making the selections. The options are:

Telnet - Allows Telnet management.

Web - Allows web browser management.

Ping - Allows the management workstation to ping the switch.

All - Allows all of the above.

4. Click Add.