6–10 MULTILINK ML3000 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL
ACCESS CONSIDERATIONS CHAPTER 6: ACCESS CONSIDERATIONS
The event log records events as single-line entries listed in chronological order, and serves
as a tool for isolating problems. Each event log entry is composed of four fields
• Severity - the level of severity (see below).
• Date - date the event occurred on. See Date and Time on page 5–10 for
information on setting the date and time on the switch.
• Time - time the event occurred on. See Date and Time on page 5–10 for
information on setting the date and time on the switch
• Log Description - description of event as detected by the switch
Severity has one of the following values, and depending on the severity type, is assigned a
severity level.
•
I (information, severity level 1) indicates routine events.
•
A (activity, severity level 2) indicates the activity on the switch.
•
D (debug, severity level 3) is reserved for GE Multilin internal diagnostic information
•
C (critical, severity level 4) indicates that a severe switch error has occurred.
•
F (fatal, severity level 5) indicates that a service has behaved unexpectedly.
6.2.4 Authorized Managers
Just as port security allows and disallows specific MAC addresses from accessing a
network, the ML3000 software can allow or block specific IP addresses or a range of IP
addresses to access the switch. The
access command allows access to configuration
mode:
access
The
allow ip command allows specified services for specified IP addresses. IP addresses
can be individual stations, a group of stations or subnets. The range is determined by the IP
address and netmask settings.
allow ip=<ipaddress> mask=<netmask> service=<name|list>
The
deny ip command denies access to a specific IP address(es) or a subnet. IP
addresses can be individual stations, a group of stations or subnets. The range is
determined by the IP address and netmask settings.
deny ip=<ipaddress> mask=<netmask> service=<name|list>
The
remove ip command removes specific IP address(es) or subnet by eliminating
specified entry from the authorized manager list.
remove ip=<ipaddress> mask=<netmask>
The
removeall command removes all authorized managers.
removeall
The
show ip-access command displays a list of authorized managers
show ip-access
Note
It is assumed here that the user is familiar with IP addressing schemes (e.g. class A, B, C,
etc.), subnet masking and masking issues such as how many stations are allowed for a
given subnet mask.
In Example 6-7, any computer on 3.94.245.10 network is allowed (note how the subnet
mask indicates this). Also, a specific station with IP address 3.94.245.25 is allowed (again
note how the subnet mask is used). An older station with IP address 3.94.245.15 is
removed.
To Next Page
Loading...
Need help?
General
