Version 7.0 867 Mediant 3000
User's Manual 58. Configuration Parameters Reference
58.4 Security Parameters
This subsection describes the device's security parameters.
58.4.1 General Security Parameters
The general security parameters are described in the table below.
Table 58-24: General Security Parameters
Parameter Description
[EnableSecureStartup] Enables the Secure Startup mode. In this mode, downloading the ini file to
the device is restricted to a URL provided in initial configuration (see the
parameter IniFileURL) or using DHCP.
[0] Disable (default).
[1] Enable = disables TFTP and allows secure protocols such as
HTTPS to fetch the device configuration.
Note: For the parameter to take effect, a device reset is required.
Firewall Table
Internal Firewall
Parameters
[AccessList]
The table defines the device's access list (firewall), which defines network
traffic filtering rules.
The format of the ini file table parameter is:
[AccessList]
FORMAT AccessList_Index = AccessList_Source_IP,
AccessList_Source_Port, AccessList_PrefixLen, AccessList_Source_Port,
AccessList_Start_Port, AccessList_End_Port, AccessList_Protocol,
AccessList_Use_Specific_Interface, AccessList_Interface_ID,
AccessList_Packet_Size, AccessList_Byte_Rate, AccessList_Byte_Burst,
AccessList_Allow_Type;
[\AccessList]
For example:
AccessList 10 = mgmt.customer.com, , , 32, 0, 80, tcp, 1, OAMP, 0, 0, 0,
allow;
AccessList 22 = 10.4.0.0, , , 16, 4000, 9000, any, 0, , 0, 0, 0, block;
In the example above, Rule #10 allows traffic from the host
‘mgmt.customer.com’ destined to TCP ports 0 to 80 on interface OAMP
(OAMP). Rule #22 blocks traffic from the subnet 10.4.xxx.yyy destined to
ports 4000 to 9000.
For a detailed description of the table, see ''Configuring Firewall Settings''
on page 173.
To Next Page
Loading...
