Configuration TCP/IP Configuration
4-4
Connections can also be denied based on which port is attempting the connection and whether the
connections are incoming or outgoing. For example, the command below disables outgoing connections
for all addresses between 192.0.1.1 and 192.0.1.254 from all four serial ports.
Figure 4-6: IP Security Command
See Change IPSecurity in the MSS Reference Manual for more information on this command.
To view the host table entries, enter the Show IPsecurity command. To remove an entry, use the Delete
IPSecurity command followed by the IP address that you want to remove.
WINS
If WINS is enabled, the MSS will broadcast a WINS name announcement at boot time, and answer
broadcast WINS name queries. Other hosts can locate the MSS this way. The MSS will rebroadcast
whenever its IP address or name changes.
To enable WINS, enter the following command.
Figure 4-7: Enabling WINS
SNMP
The MSS supports the SNMP network protocol, which allows hosts on the network to query nodes for
counters and network statistics and to change some parameters on those nodes. The form of these requests
is documented by RFC 1098. The list of items that can be queried and/or set and the type of data used, such
as integer and string, are both documented in various Management Information Bases (MIBs). MIBs cover
a variety of things, such as counters and IP address resolution tables.
The MSS supports the following MIBs:
The MSS will respond to queries for unknown MIBs with a “not in MIB” error to the to the requesting host.
SNMP Trap Support
The MSS will generate limited forms of three of the SNMP traps. Traps are sent to a host when certain
events occur on the MSS.
The MSS will generate a Coldstart trap when it first boots, and will send a Linkup trap when the startupfile
(if any) has been read from a host and normal operation commences. If a startupfile has been configured but
the download fails, the MSS will send an Authentication trap. In all three cases, the trap will be directed to
the IP address of the loadhost for the MSS. If a loadhost has not been specified, the traps will not be sent.
The MSS will not generate traps other than the ones listed here.
Local>> CHANGE IPSECURITY 192.0.1.255 OUTGOING DISABLED
Local>> CHANGE SERVER WINS ENABLED
Table 4-1: Supported MIBS
MIB-II (RFC 1213) System, Interface, Address Translation, IP,
ICMP, TCP, and UDP, but not the EGP
group.
Character MIB (RFC 1318) All character-oriented devices.
RS232 MIB (RFC 1317) All objects (RS-232-style objects).
To Next Page
Loading...
Need help?
General