Using Authorized IP Managers
Building IP Masks
Table 14-3. Example of How the Bitmap in the IP Mask Defines Authorized Manager Addresses
4th Octet of IP Mask:
4th Octet of Authorized IP Address:
249
5
Bit Numbers Bit
Bit
Bit
Bit
Bit
Bit
Bit
Bit
7
6
5
4
3
2
1
0
Bit Values
128
64
32
16
8
4
2
1
4th Octet of
IP Mask (249)
4th Octet of
IP Authorized
Address (125)
Bits 1 and 2 in the mask are “off”, and bits 0 and 3
- 7 are “on”, creating a value of 249 in the 4th octet.
Where a mask bit is “on”, the corresponding bit
setting in the address of a potentially authorized
station must match the IP Authorized Address
setting for that same bit. Where a mask bit is “off”
the corresponding bit setting in the address can be
either “on” or “off”. In this example, in order for a
station to be authorized to access the switch:
• The first three octets of the station’s IP address
must match the Authorized IP Address.
• Bit 0 and Bits 3 through 6 of the 4th octet in the
station’s address must be “on” (value = 1).
• Bit 7 of the 4th octet in the station’s address
must be “off” (value = 0).
• Bits 1 and 2 can be either “on” or “off”.
This means that stations with the IP address
13.28.227.
X
(where
X
is 121, 123, 125, or 127) are
authorized.
Additional Examples for Authorizing Multiple Stations
Entries for Authorized
Manager List
Results
IP Mask
255 255 0
255
This combination specifies an authorized IP address of 10.33.
xxx
.1. It could be
applied, for example, to a subnetted network where each subnet is defined by the
Authorized
10 33 248 1
third octet and includes a management station defined by the value of “1” in the
Manager IP
fourth octet of the station’s IP address.
IP Mask
255 238 255 250
Allows 230, 231, 246, and 247 in the 2nd octet, and 194, 195, 198, 199 in the 4th octet.
Authorized
10 247 100 195
Manager IP
14-12
Summary of Contents for PROCURVE 2910AL
Page 1: ...Access Security Guide ProCurve Switches W 14 03 2910al www procurve com ...
Page 2: ......
Page 3: ...HP ProCurve 2910al Switch February 2009 W 14 03 Access Security Guide ...
Page 84: ...Configuring Username and Password Security Front Panel Security 2 36 ...
Page 156: ...TACACS Authentication Operating Notes 4 30 ...
Page 288: ...Configuring Secure Socket Layer SSL Common Errors in SSL setup 8 22 ...
Page 416: ...Configuring Advanced Threat Protection Using the Instrumentation Monitor 10 28 ...
Page 572: ...Using Authorized IP Managers Operating Notes 14 14 ...
Page 592: ...12 Index ...
Page 593: ......