NTI Secure Remote Power Reboot Switch
96
To configure an IP Filter, select an IP Filter rule from the list and press <
Enter
>.
Figure 120- Text Menu-Configure IP Filter rule
The most common approach is to only allow “whitelisted” IP addresses, subnets, or networks to access the device while blocking
all others. The IP Filters are processed sequentially from top to bottom, so it is important to place the most precise rules at the top
of the list and the most generic rules at the bottom of the list.
As an example, assume we wish to block all connections except those which come from the IP address 192.168.1.100. To allow
connections from 192.168.1.100, we need to configure and enable an ACCEPT rule at the top of the list:
(Rule 1)
Enabled: Yes
Rule type: ACCEPT
IP/mask: 192.168.1.100
Then, to block all other IP addresses from connecting to the IPDU-SX, we add a rule to drop all other connections.
(Rule 16)
Enabled: Yes
Rule type: DROP
IP/mask: 0.0.0.0/0
If the preceding “drop all connections” rule was placed in position one, no connections at all would be allowed to the unit.
Remember: rules are processed from top to bottom. As soon as a rule matches, the processing stops and the matching rule is
executed.
To match a particular IP address, simply enter in the desired IP address (e.g. 192.168.1.100).
To match a subnet, enter in the subnet with the associated mask (e.g. 192.168.1.0/24).
To match all IP address, specify a mask of 0 (e.g. 0.0.0.0/0).
Press <
Tab
> to highlight
Save
and press <
Enter
> to save before pressing <
Esc
> to exit.