Manualshelf

Brocade Secure Fabric OS Administrator's Guide - Supporting Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0, 5.2.0, and 5.3.0 (53-1000244-02, June 2007)

ManualsBrandsHP ManualsStorageBrocade 4Gb SAN Switch
61626364656667686970
46 Secure Fabric OS Administrator’s Guide
53-1000244-02
3
The possible Telnet policy states are shown in Table 5.
To create a Telnet policy
1. From a sectelnet or SSH session, log in to the primary FCS switch as admin.
2. Type secPolicyCreate “TELNET_POLICY”, “member;...;member.
member is one or more IP addresses in dot-decimal notation. “0” can be entered in an octet to
indicate that any number can be matched in that octet.
3. To save or activate the new policy, enter either the secPolicySave or the secPolicyActivate
command.
If neither of these commands is entered, the changes are lost when the session is logged out.
For more information about these commands, see “Saving Changes to Secure Fabric OS
Policies” on page 56 and Activating Changes to Secure Fabric OS Policies” on page 56.
For example, to create a Telnet policy to allow anyone on network 192.168.5.0 (where 0 can be
any number) to access the fabric from a sectelnet or SSH session:
primaryfcs:admin> secpolicycreate "TELNET_POLICY", "192.168.5.0"
TELNET_POLICY has been created.
HTTP Policy
The HTTP policy can be used to specify which workstations can use HTTP to access the fabric. This
is useful for applications that use Internet browsers, such as Brocade Web Tools.
The policy is named HTTP_POLICY and contains a list of IP addresses for devices and workstations
that are allowed to establish HTTP connections to the switches in the fabric.
Table 6 displays the possible HTTP policy states.
To create an HTTP policy
1. From a sectelnet or SSH session, log in to the primary FCS switch as admin.
2. Type secPolicyCreate “HTTP_POLICY”, “member;...;member.
TABLE 5 Telnet Policy States
Policy State Description
No policy Any host can connect by sectelnet or SSH to the fabric.
Policy with no entries No host can connect by sectelnet or SSH to the fabric.
Policy with entries Only specified hosts can connect by sectelnet or SSH to the fabric.
TABLE 6 HTTP Policy States
Policy State Characteristics
No policy All hosts can establish an HTTP/HTTPS connection to any switch in the fabric.
Policy with no entries No host can establish an HTTP/HTTPS connection to any switch in the fabric.
Note: An empty policy causes the message “The page cannot be displayed” to
display when HTTP/HTTPS access is attempted.
Policy with entries Only specified hosts can establish an HTTP/HTTPS connection to any switch in
the fabric.