Lantronix MPS100 EPS Reference Manual - Page 47
Controlling Incoming Sessions, IP Security Table
View all Lantronix MPS100 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 47 highlights
Server Configuration Security 4.7.1 Controlling Incoming Sessions The Set/Define Server Incoming command allows or denies incoming LAT or Telnet connections. It can also require incoming users to enter the Server login password to log in from the network. The following commands allow LAT and Telnet users to log into the Server without having to enter a password. Figure 4-19: Allowing Unrestricted Incoming Connections Local> SET SERVER INCOMING BOTH Local> SET SERVER INCOMING NOPASSWORD For security-conscious systems, the following commands can be used to only allow authenticated logins. That is, login attempts are subject to password verification. Figure 4-20: Configuring Password for Incoming Connections Local> SET SERVER INCOMING PASSWORD Local> SET SERVER LOGIN PASSWORD "8ball" Connection Methods on page -HIDDEN explains in detail the mechanics of setting up incoming sessions. Note that users logging in from the network are much harder to trace and monitor than those on attached physical ports. Make sure your Server and network environment are reasonably secure if you allow network logins. Also, refer to Enabling Server-Wide Port Characteristics on page 4-1 for details on configuring ports for network logins. Note that you can configure the TCP/IP security table to enable or disable network connections from certain hosts-see IP Security Table on page 4-11 for more information. 4.7.2 IP Security Table The Server provides an IP Security Table as a mechanism for restricting incoming and outgoing TCP/IP sessions (including Telnet, Rlogin, SLIP, and RTEL). The security table allows the manager to enable or disable access to and from the Server based on port number as well as IP address. The IP security table does not apply to print connections via RTEL. Like other configurations, security table entries can be Set or Defined. To add an entry to the table, specify an IP address (or range), which direction(s) to restrict, and a list of affected ports. Figure 4-21: Setting Server Access Local> SET IPSECURITY 192.0.1.255 OUTGOING DISABLED PORT 4-7 In order, the command in Figure 4-21: 1 Affects addresses from 192.0.1.1 through 192.0.1.254 using the 255 "wildcard" network address segment. 2 Prevents ports 4, 5, 6, and 7 from beginning sessions to hosts with these addresses using the Outgoing Disabled keywords. 4-11