Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 1.30 for Dell PowerEdge VRTX
71727374757677787980
NOTE: IPv6 requires a minimum MTU of 1280. If IPv6 is enabled, and cfgNetTuningMtu is set to a
lower value, the CMC uses an MTU of 1280.
Configuring CMC Network and Login Security Settings
The IP address blocking and User blocking features in CMC allow you to prevent security issues due to
password guessing attempts. This feature enables you to block a range of IP addresses and users who
can access CMC. By deafult, the IP address blocking feature is enabled in CMC.
NOTE: Blocking by IP address is applicable only for IPV4 addresses.
You can set the IP range attributes using CMC web interface or RACADM. To use the IP address blocking
and user blocking features, enable the options using CMC web interface or RACADM. Configure the login
lockout policy settings to enable you to set the number of unsuccessful login attempts for a specific user
or for an IP address. After exceeding this limit, the blocked user can log in only after the penalty time
expires.
Configuring IP Range Attributes Using CMC Web Interface
NOTE: To perform the following task, you must have Chassis Configuration Administrator
privilege.
To configure the IP range attributes using CMC web interface:
1. In the left pane, go to Chassis Overview and click Network Network. The Network Configuration
page is displayed.
2. In the IPv4 Settings section, click Advanced Settings.
The Log in Security page is displayed.
Alternatively, to access the Log in Security page, in the left pane, go to Chassis Overview, click
SecurityLog in.
3. To enable the IP range checking feature, in the IP Range section, select the IP Range Enabled
option.
The IP Range Address and IP Range Mask fields are activated.
4. In the IP Range Address and IP Range Mask fields, type the range of IP addresses and IP range masks
that you want to block from accessing CMC.
For more information, see the Online Help.
5. Click Apply to save your settings.
Configuring IP Range Attributes Using RACADM
You can configure the following IP Range attributes for CMC using RACADM:
IP range checking feature
Range of IP addresses that you want to block from accessing CMC
IP Range Mask that you want to block from accessing CMC
IP filtering compares the IP address of an incoming login to the IP address range that is specified. A login
from the incoming IP address is allowed only if both the following are identical:
cfgRacTuneIpRangeMask bit-wise and with incoming IP address
cfgRacTuneIpRangeMask bit-wise and with cfgRacTuneIpRangeAddr
75