Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerDRAC5 Version 1.20 with Dell OpenManage 5.2
51525354555657585960
Configuring and Using the DRAC 5 Command LIne Console 59
These features are disabled in the DRAC 5 default configuration. Use the following subcommand or the
Web-based interface to enable these features.
racadm config -g cfgRacTuning -o <object_name> <value>
Additionally, use these features in conjunction with the appropriate session idle time-out values and a
defined security plan for your network.
The following subsections provide additional information about these features.
IP Filtering (IpRange)
IP address filtering (or
IP Range Checking
) allows DRAC 5 access only from clients or management
workstations whose IP addresses are within a user-specific range. All other logins are denied.
IP filtering compares the IP address of an incoming login to the IP address range that is specified in the
following cfgRacTuning properties:
cfgRacTuneIpRangeAddr
cfgRacTuneIpRangeMask
The cfgRacTuneIpRangeMask property is applied to both the incoming IP address and to the
cfgRacTuneIpRangeAddr properties. If the results of both properties are identical, the incoming login
request is allowed to access the DRAC 5. Logins from IP addresses outside this range receive an error.
The login proceeds if the following expression equals zero:
cfgRacTuneIpRangeMask & (<incoming_IP_address> ^ cfgRacTuneIpRangeAddr)
where & is the bitwise AND of the quantities and ^ is the bitwise exclusive-OR.
See "DRAC 5 Property Database Group and Object Definitions" for a complete list of cfgRacTune
properties.
Table 3-7. IP Address Filtering (IpRange) Properties
Property Description
cfgRacTuneIpRangeEnable Enables the IP range checking feature.
cfgRacTuneIpRangeAddr Determines the acceptable IP address bit pattern, depending on the
1’s in the subnet mask.
This property is bitwise AND’d with cfgRacTuneIpRangeMask to
determine the upper portion of the allowed IP address. Any IP address
that contains this bit pattern in its upper bits is allowed to establish a
DRAC 5 session. Logins from IP addresses that are outside this range
will fail. The default values in each property allow an address range
from 192.168.1.0 to 192.168.1.255 to establish a DRAC 5 session.
cfgRacTuneIpRangeMask Defines the significant bit positions in the IP address. The subnet
mask should be in the form of a netmask, where the more significant
bits are all 1’s with a single transition to all zeros in the lower-order
bits.