User manual
C
HAPTER
14
| Security Measures
Filtering IP Addresses for Management Access
– 185 –
ES-2000 Series
FILTERING IP ADDRESSES FOR MANAGEMENT ACCESS
Use the Security > IP Filter page to create a list of up to 15 IP addresses or
IP address groups that are allowed management access to the switch
through the web interface or SNMP.
COMMAND USAGE
◆ The management interfaces are open to all IP addresses by default.
Once you add an entry to a filter list, access to that interface is
restricted to the specified addresses.
◆ If anyone tries to access a management interface on the switch from an
invalid address, the switch will reject the connection, enter an event
message in the system log, and send a trap message to the trap
manager.
◆ IP address can be configured for SNMP or web access respectively. Each
of these groups can include up to five different sets of addresses, either
individual addresses or address ranges.
◆ When entering addresses for the same group (i.e., SNMP or web), the
switch will not accept overlapping address ranges. When entering
addresses for different groups, the switch will accept overlapping
address ranges.
◆ You cannot delete an individual address from a specified range. You
must delete the entire range, and reenter the addresses.
◆ You can delete an address range just by specifying the start address, or
by specifying both the start address and end address.
PARAMETERS
These parameters are displayed:
◆ Mode
■
Web – Configures IP address(es) for the web group.
■
SNMP – Configures IP address(es) for the SNMP group.
◆ Start IP Address – A single IP address, or the starting address of a
range.
◆ End IP Address – The end address of a range.