Raritan Computer SX4 用户手册
44 D
OMINION
SX
I
NSTALLATION AND
O
PERATIONS
M
ANUAL
IP ACL
Important! Please make absolutely certain that all IP addresses have been entered correctly
before enabling IP ACL. If not, you may be locked out of the unit and be unable to access the unit
in the future; the only way to restore access to the unit is to perform a factory reset, removing all
user-defined values that you have programmed in and forcing you to reconfigure the unit
completely.
in the future; the only way to restore access to the unit is to perform a factory reset, removing all
user-defined values that you have programmed in and forcing you to reconfigure the unit
completely.
Overview
There are two ways for a Dominion SX Administrator to manage IP Access Control Lists (IP ACLs):
There are two ways for a Dominion SX Administrator to manage IP Access Control Lists (IP ACLs):
•
Via the Graphical User Interface (GUI) for configuring and managing IP ACLs
•
Via the Command Line Interface (CLI) using SSH/Telnet. Please note that when using the CLI, we
highly recommended using SSH, not Telnet, to securely configure the IP ACL.
Because Dominion SX leverages the IPTables firewall functionality to provide IP ACL capability,
familiarity with IPTables is strongly recommended, and knowledge of the concepts of Access Control Lists
(ACL) is a prerequisite for configuring and administering the Dominion SX IP ACL feature. Explaining
IPTables is beyond the scope of this document. Please refer to IPTables documentation for more specific
details on creation and management of the IP ACL rule lists. We also suggest the following link:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
Rule Creation and Execution
Note: We recommend that you turn IP ACL logging OFF when creating an Allow rule. If not, every
accepted packet that matches the rule will be logged, causing the log file to increase in size very quickly.
accepted packet that matches the rule will be logged, causing the log file to increase in size very quickly.
To create access rules, click on the IP ACL tab on the Dominion SX screen. Click Insert to insert a new
rule in the rules table on this screen.
After configuring all IP ACL parameters, you can create rules. Rules in the table begin with the number
(No.) zero (0), and continue in numerical order. When attempting to make a connection, Dominion SX will
start at the beginning of the rules table list and continue through the list in order until an applicable rule is
matched with the command executed.
rule in the rules table on this screen.
After configuring all IP ACL parameters, you can create rules. Rules in the table begin with the number
(No.) zero (0), and continue in numerical order. When attempting to make a connection, Dominion SX will
start at the beginning of the rules table list and continue through the list in order until an applicable rule is
matched with the command executed.