HP Integrity rx2800 System Management Homepage User Guide - Page 72

IP Binding, Trust Modes

Get HP Integrity rx2800 - i2 PDF manuals and user guides View all HP Integrity rx2800 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 72 highlights

smhconfig -i|--ip-restricted-include [=] IPLIST The following is an example of how IPLIST is formatted: 122.23.44.1-122.23.44.255;172.84.100.35;172.168.10.5;168.172.10.1-168.172.10.128 IP Address Exclusion Perform the IP address restricted command as follows: smhconfig -e|--ip-restricted-exclude [=] IPLIST The following is an example of how IPLIST is formatted: 122.23.44.1-122.23.44.255;172.84.100.35;172.168.10.5;168.172.10.1-168.172.10.128 NOTE: IPv4 and IPv6 address ranges are supported. Currently, IPv4 address ranges are supported. IP Binding IP binding provides HP SMH the ability to listen only to the addresses configured in the IP binding list. If IP binding is enabled and the IP binding list is empty, HP SMH will only be accessible locally. Perform the IP binding command as follows: smhconfig -g|--ip-binding [=] True | False IP binding list Use the following command to configure the IP binding list to be used when IP binding is enabled. smhconfig -I|--ip-binding-list [=] IPBINDLIST IPBINDLIST must be a list of semicolon-separated IP addresses and/or IP address/netmask pairs. The following is an example of how IPBINDLIST is formatted: 122.23.44.1-122.23.44.255;172.84.100.35;172.168.10.5;168.172.10.1-168.172.10.128 Trust Modes The HP SMH trusts Systems Insight Manager (HP SIM) or Insight Manager 7 (IM 7) secure task execution requests and single sign on requests with various levels of security, ranging from trust all to only trust HP SIM or Insight Manager 7 with trusted certificates: • Trust All This command sets up the http server to accept all secure task execution requests and single sign on requests from any HP SIM or Insight Manager 7 server: smhconfig -t|--trust-mode [=] TrustByAll • Trust By Name This command sets up the HP SMH to only accept secure task execution requests and single sign on requests from the listed HP SIM or Insight Manager 7 servers: smhconfig -t|--trust-mode [=] TrustByName To configure the trusted servers name list for the TrustByName trust mode, use the following command: smhconfig -X|--xe-name-list [=] XENAMELIST XENAMELIST is a list of the Systems Insight Manager or Insight Manager 7 servers that trust, using a comma or semicolon as a delimiter. The following is an example of the name list format: server1,server2.domain1;server3,server4.domain2 • Trusted Certificates This command establishes the trust relationship between HP SIM or Insight Manager 7 and the HP SMH using the certificate. The trust mode is set to TrustByCert using the following command: smhconfig -t|--trust-mode [=] TrustByCert A trusted certificate is added to the trusted certificate list using the following command: smhconfig -C|--trust-certificate [=] FILE FILE is the name of the file containing the base 64 encoded certificate to be added to the trusted certificate list. 72 Command Line Interface Configuration

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
smhconfig -i|--ip-restricted-include [=]
IPLIST
The following is an example of how
IPLIST
is formatted:
122.23.44.1-122.23.44.255;172.84.100.35;172.168.10.5;168.172.10.1-168.172.10.128
IP Address Exclusion
Perform the IP address restricted command as follows:
smhconfig -e|--ip-restricted-exclude [=]
IPLIST
The following is an example of how
IPLIST
is formatted:
122.23.44.1-122.23.44.255;172.84.100.35;172.168.10.5;168.172.10.1-168.172.10.128
NOTE:
IPv4 and IPv6 address ranges are supported.
Currently, IPv4 address ranges are supported.
IP Binding
IP binding provides HP SMH the ability to listen only to the addresses configured in the IP binding list. If IP
binding is enabled and the IP binding list is empty, HP SMH will only be accessible locally.
Perform the IP binding command as follows:
smhconfig -g|--ip-binding [=] True | False
IP binding list
Use the following command to configure the IP binding list to be used when IP binding is
enabled.
smhconfig -I|--ip-binding-list [=]
IPBINDLIST
IPBINDLIST
must be a list of semicolon-separated IP addresses and/or IP address/netmask pairs.
The following is an example of how
IPBINDLIST
is formatted:
122.23.44.1-122.23.44.255;172.84.100.35;172.168.10.5;168.172.10.1-168.172.10.128
Trust Modes
The HP SMH trusts Systems Insight Manager (HP SIM) or Insight Manager 7 (IM 7) secure task execution
requests and single sign on requests with various levels of security, ranging from trust all to only trust HP SIM
or Insight Manager 7 with trusted certificates:
Trust All
This command sets up the http server to accept all secure task execution requests and single
sign on requests from any HP SIM or Insight Manager 7 server:
smhconfig -t|--trust-mode [=] TrustByAll
Trust By Name
This command sets up the HP SMH to only accept secure task execution requests and
single sign on requests from the listed HP SIM or Insight Manager 7 servers:
smhconfig -t|--trust-mode [=] TrustByName
To configure the trusted servers name list for the TrustByName trust mode, use the following command:
smhconfig -X|--xe-name-list [=]
XENAMELIST
XENAMELIST
is a list of the Systems Insight Manager or Insight Manager 7 servers that trust, using a
comma or semicolon as a delimiter. The following is an example of the name list format:
server1,server2.domain1;server3,server4.domain2
Trusted Certificates
This command establishes the trust relationship between HP SIM or Insight Manager
7 and the HP SMH using the certificate. The trust mode is set to TrustByCert using the following command:
smhconfig -t|--trust-mode [=] TrustByCert
A trusted certificate is added to the trusted certificate list using the following command:
smhconfig -C|--trust-certificate [=]
FILE
FILE
is the name of the file containing the base 64 encoded certificate to be added to the trusted
certificate list.
72
Command Line Interface Configuration