Installation Manual

Configuring Security Features
IP Filtering Guidelines
Use the following guidelines when enabling IP filtering:
- Ensure that cfgRacTuneIpRangeMask is configured in the form of a netmask, where the most significant bits are all 1s (which defines the subnet in the mask), followed by all 0s in the lower-order bits.
- Use the range base address you prefer as the value for cfgRacTuneIpRangeAddr. The 32-bit binary value of this address should have zeros in all the low-order bits where there are zeros in the mask.
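Added example (not from the Dell manual): a Python check of the two guidelines above for a cfgRacTuneIpRangeAddr / cfgRacTuneIpRangeMask pair before it is applied. The function names and sample addresses are constructed, and client_allowed assumes the filter compares the masked client address with the masked range address.

```python
import ipaddress

def _to_int(dotted):
    # Raises ValueError on a malformed dotted-quad string.
    return int(ipaddress.IPv4Address(dotted))

def is_contiguous_mask(mask):
    """True if the mask is all 1s in the high-order bits followed by all 0s."""
    inverted = ~_to_int(mask) & 0xFFFFFFFF   # low-order 0s become 1s
    # A contiguous mask inverts to 2**k - 1, which shares no bits with 2**k.
    return (inverted & (inverted + 1)) == 0

def check_ip_range(addr, mask):
    """Return a list of guideline violations (empty list means the pair is OK)."""
    if not is_contiguous_mask(mask):
        return [f"mask {mask} is not a run of 1s followed by a run of 0s"]
    a, m = _to_int(addr), _to_int(mask)
    if a & ~m & 0xFFFFFFFF:
        aligned = ipaddress.IPv4Address(a & m)
        return [f"address {addr} has bits set where the mask is 0; "
                f"aligned base address is {aligned}"]
    return []

def client_allowed(client, addr, mask):
    """Assumed matching rule: (client AND mask) == (addr AND mask)."""
    problems = check_ip_range(addr, mask)
    if problems:
        raise ValueError("; ".join(problems))
    m = _to_int(mask)
    return (_to_int(client) & m) == (_to_int(addr) & m)

if __name__ == "__main__":
    # Constructed sample pairs: (cfgRacTuneIpRangeAddr, cfgRacTuneIpRangeMask)
    samples = [
        ("192.168.1.0", "255.255.255.0"),    # valid
        ("192.168.0.57", "255.255.255.0"),   # host bits set in the base address
        ("192.168.0.0", "255.255.0.255"),    # non-contiguous mask
    ]
    for addr, mask in samples:
        problems = check_ip_range(addr, mask)
        print(addr, mask, "OK" if not problems else problems[0])
    print(client_allowed("192.168.1.77", "192.168.1.0", "255.255.255.0"))
```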
IP Blocking
IP blocking dynamically determines when excessive login failures occur from
a particular IP address and blocks (or prevents) the address from logging into
the iDRAC6 for a preselected time span.
The IP blocking parameter uses cfgRacTuning group features that include:
- The number of allowable login failures
- The timeframe in seconds when these failures must occur
- The amount of time in seconds when the guilty IP address is prevented from establishing a session after the total allowable number of failures is exceeded
As login failures accumulate from a specific IP address, they are aged by an
internal counter. When the user logs in successfully, the failure history is
cleared and the internal counter is reset.
NOTE: When login attempts are refused from the client IP address, some SSH clients may display the following message: ssh exchange identification: Connection closed by remote host.
See the RACADM Command Line Reference Guide for iDRAC6 and CMC
available on the Dell Support website at dell.com/support/manuals for a
complete list of cfgRacTuning properties.