Manualshelf

Installation Manual

ManualsBrandsTechBenchSystems ManualsComputers & AccessoriesDell PowerEdge R610 Virtualization Server 2.53GHz 8-Core E5540 32GB 2x146GB PERC6
361362363364365366367368369370
Configuring Security Features 361
IP Filtering Guidelines
Use the following guidelines when enabling IP filtering:
Ensure that
cfgRacTuneIpRangeMask
is configured in the form of a
netmask, where all most significant bits are 1’s (which defines the subnet
in the mask) with a transition of all 0’s in the lower-order bits.
Use the range base address you prefer as the value for
cfgRacTuneIpRangeAddr
. The 32-bit binary value of this address should
have zeros in all the low-order bits where there are zeros in the mask.
IP Blocking
IP blocking dynamically determines when excessive login failures occur from
a particular IP address and blocks (or prevents) the address from logging into
the iDRAC6 for a preselected time span.
The IP blocking parameter uses cfgRacTuning group features that include:
The number of allowable login failures
The timeframe in seconds when these failures must occur
The amount of time in seconds when the
guilty
IP address is prevented
from establishing a session after the total allowable number of failures is
exceeded
As login failures accumulate from a specific IP address, they are aged by an
internal counter. When the user logs in successfully, the failure history is
cleared and the internal counter is reset.
NOTE: When login attempts are refused from the client IP address, some SSH
clients may display the following message: ssh exchange
identification: Connection closed by remote host.
See the RACADM Command Line Reference Guide for iDRAC6 and CMC
available on the Dell Support website at dell.com/support/manuals for a
complete list of cfgRacTuning properties.