MRV Communications LX-4000 Series Informations techniques Page 314
- Page / 692
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
12-2 IP Firewall
LX Series Configuration Guide
IP Firewall
The MRV Graphical User Interface (GUI) provides a simple,
limited method for configuring iptables.
The following IP Firewall GUI feature procedure uses terms
which may not be familiar. These terms are defined as follows:
A firewall consists of several rules for establishing (or setting)
the input and output firewall policies. There is now a new
Firewall menu item in the GUI Configuration Console. When you
click on Firewall, the GUI gathers the firewall information from
the LX unit. If the GUI detects an advanced firewall
configuration in system iptables (advance firewall configurations
are created through the shell level only, and the GUI can’t
recognize these rules) a confirmation window appears:
If you click Yes, the GUI loads the previous firewall
configuration, saves a copy of iptables, overwrites iptables, and
automatically displays a filled-in input table. If no previous
firewall is detected, a blank input table appears.
Term Definition Example
Chain
A grouping of rules that
specifies when the rules
should be applied to traffic
(
INPUT
,
OUTPUT
)
source ip address x.x.x.x
destination port 23
Rule The actual filter definition
source ip address x.x.x.x
destination port 23
Policy
The action to the rule
(
Accept
or
Drop
)
source ip address x.x.x.x
destination port 23 drop
source ip address x.x.x.x
destination port 23 accept
Default
Policy
The default action of the entire chain. If a packet makes it
through all the rules in a chain, the default policy decides which
final action to take (
Accept
or
Drop
)
- LX Series 1
- Configuration Guide 1
- System Administration 6
- Configuring IP Interfaces 8
- Control Feature 11
- SNMP Configuration 12
- Manager and LDAM 13
- Configuring PPP 14
- Internal Modem 14
- PART 3 Additional Information 15
- LX-Series Configuration Guide 18
- About This Book 19
- Conventions 21
- Online Help 21
- Additional Help 23
- menu open d<tab> 24
- menu open demo_menu 24
- Before You Configure 25
- Using the Command-Line 26
- Interface 26
- Figure 1.1 LX Command Modes 27
- About Command Modes 28
- Configuration 29
- Command Mode 29
- Superuser command mode 29
- Command Mode Descriptions 30
- Using the Function Keys 41
- Performing the Initial Setup 42
- Configuring TCP/IP 43
- Intf 1-1:0>>dhcp renew 47
- IP Configuration Menu 49
- Subs_InReach >> 52
- Subs_InReach >>password 52
- Config:0 >> prompt: 52
- Config:0 >>password 52
- Setting Up LDAP 53
- Network-based Host 55
- 143.34.87.93 56
- Using an LDAP 57
- LDAP Command Examples 58
- LDAP Local Subscriber Feature 59
- The LX listens to 62
- RADIUS Command Examples 63
- Specifying the RADIUS Period 65
- Setting Up TACACS+ 66
- The LX listens 68
- TACACS+ Command Examples 72
- 182.36.98.33 72
- 182.57.32.58 73
- Specifying the TACACS+ Period 74
- Setting Up RSA SecurID 74
- address 149.19.87.89 76
- RSA SecurID Command Examples 77
- RSA SecurID sdconf.rec File 80
- 1. Go to the shell 80
- Setting Up KerberosV5 81
- Syslog Overview 89
- Assigning an Asset Tag 90
- Assigning a Contact 91
- Setting Up Remote 92
- Network Element 93
- Connectors 94
- Straight Through Cable 94
- Management 95
- Configuring Modem Caller ID 98
- 1. Test the port async port: 105
- LX Series Configuration Guide 107
- Console Management 108
- Specifying Access Methods 109
- Connect Port Escape Character 110
- System Administration 112
- Backup and Recovery 113
- Editing the Files in Windows 115
- <ipv6_ 118
- <ip_address> 118
- Other Units 119
- Configuring SFTP 120
- Configuring Telnet Server 123
- Scripting On External Units 124
- Upgrading the Software 124
- LX Series 127
- Command Reference 127
- Main Menu 128
- Booting from the Network 129
- Ethernet Network Link 132
- IMPORTANT! 133
- EM316LX Configuration Menu 134
- Resetting System Defaults 136
- Saving the Configuration 136
- Booting the System 137
- Changing the Unit IP Address 139
- Changing the Network Mask 140
- Changing the Gateway Address 140
- Restarting the Module 142
- Enabling the Management Port 142
- Configuring Image Names 144
- Defaulting Image Names 144
- IMPORTANT 145
- Booting from Defaults 149
- Defaulting from CLI 150
- System and Status Screens 154
- Configuring the 156
- LX Series Unit 156
- Setting Up the 157
- Notification Feature 157
- Profile of the TAP type 158
- Creating Service Profiles 159
- 4. Use the 163
- 1. Execute the 163
- External Modem Settings 165
- Overview of User Profiles 170
- 5. Use the 171
- 6. Use the 171
- All text 172
- Configuration Examples 173
- There are 174
- Localsyslog Example 175
- Remotesyslog Example 175
- SNPP Example 176
- Email Example 177
- TAP Example 178
- SNMP Example 179
- SSHD and DNS 180
- Configuring IP Interfaces 181
- Examples 182
- LX Series Command Reference 183
- Setting Up IP Interfaces 184
- Re-Using IP Addresses 185
- Specifying Socket Numbers 186
- IP Interface 188
- Interface Command Mode: 190
- Configuring a Rotary 191
- Removing Ports from a Rotary 194
- Disabling a Rotary 194
- Telnet Client 199
- Setting the Banner 200
- Message of the Day Commands 201
- Data Broadcast Feature 203
- Setting Up Broadcast Groups 204
- Guidelines for Adding Ports 205
- Specifying Port Options 206
- Configuring 211
- Subscriber Accounts 211
- Default Template 212
- Subscriber Account Settings 216
- Dialback Access 221
- InReach:0 >> 227
- Specifying Escape Characters 228
- Specifying a Security Level 230
- Enabling Audit Logging 230
- Enabling Command Logging 231
- Enabling the Menu Feature 231
- Generating the SSH Key 239
- Configuring Async 241
- Port Features 241
- Displaying Sensor Summaries 243
- Configuring the IdleBuffer 244
- Data Buffering 248
- <port> 250
- RS-485 CLI Support 251
- Default TCP Transmit Mode 254
- Port Mirroring 255
- <port_list> readonly 256
- <subscriber_name> 258
- Port Async Connect 260
- DSR Wait 269
- Configuring Power 271
- Control Units 271
- Default Name for an Outlet 273
- Specifying the Off Time 274
- Naming an Outlet 275
- Naming an Outlet Group 275
- 5. To logout, enter: 278
- 4800 Features 279
- 5250/5150/4800 280
- 1. Create a Power port: 282
- Enabling SCP 284
- 5250 POWER port 286
- 5150 POWER port 287
- 4800 POWER port 288
- Trigger-Action Feature 291
- To create a(n)... See 292
- Greenwich Time Display 293
- Disabling Rules 308
- You must 309
- 11-22 Disabling Rules 312
- Configuring iptables 313
- IP Firewall 314
- IP Firewall 12-3 315
- 12-4 IP Firewall 316
- KandL) arrows on 317
- 2. Click New. The 318
- 3. Fill in all required 318
- 4. Enter the desired 318
- 1. Select one entry 320
- 2. Modify the 320
- 3. Click on Commit 320
- Updating the Firewall 321
- Example Config:0 >> 322
- L You can use the 326
- Configuring the Cluster 327
- Configuration and 327
- What is a Cluster? 328
- How the Protocol Works 329
- Creating a Cluster Secret 331
- Cluster Secret: 332
- Enter>. The 332
- Within the Cluster 335
- Updating the Software 339
- Updating the ppciboot 340
- User Console window 343
- 123.456.789.40 344
- 123.456.789.48 344
- 123.456.789.49 344
- Sharing and Unsharing the 349
- Authenticate Image 349
- unshare telnet client 351
- GUI Cluster 353
- Cluster Automatic Discovery 355
- Cluster Automatic Setup 359
- SNMP Configuration 361
- Network Management System 362
- Management Information 363
- OID Structure Example 364
- 14-6 OID Structure Example 366
- Security 368
- SNMP Management 368
- SNMP V3 Overview 375
- SNMP V3 Commands 377
- Displaying SNMP Information 382
- Show the SNMP V3 Settings 384
- Dual Power Supply SNMP Traps 388
- SNMP MIB Support 388
- References 388
- Configuring Alarming with 389
- LX-7204T/7304T Sensor 389
- Configuring the HDAM Port 390
- Updating the LX-7204T/7304T 390
- Firmware 390
- 28 update ipv6 391
- Naming Alarm Inputs 392
- State Changes 397
- [open 400
- > 403
- Naming Control Outputs 404
- Naming Analog Inputs 412
- > 414
- Displaying HDAM Information 420
- Description: 422
- Configuring the LDAM Port 429
- Displaying LDAM Information 441
- Configuring PPP 447
- Inactivity Timeout 450
- CCP Negotiation 450
- IPCP Accept Address 451
- IPCP Compression 451
- LCP Compression 453
- LCP Echo Failure 453
- LCP Echo Interval 454
- LCP Failure Limit 454
- LCP Timeout 454
- PPP Routing on the LX 455
- Router X 459
- PPP Backup 461
- 16-16 PPP Backup 462
- PPP Dialback 465
- 16-20 PPP Dialback 466
- RSA SecurID PPP Fallback 467
- Sample Configuration 468
- Special PPP-Local, you must 469
- Configuring Redundant 471
- Ethernet 471
- Redundant Ethernet 472
- Switch A 473
- Switch B 473
- 1. Create the interface: 474
- Bonding Link 475
- Bonding Link ARP Address 475
- Bonding Link ARP Interval 476
- Defaulting the Binding 477
- 2. Save the configuration 477
- 3. Perform reboot 477
- Internal Modem 479
- Dial-Out 480
- Viewing Internal Modem 482
- Characteristics 482
- Alarm Input/Control 483
- Output Points 483
- Configuring Control Output 484
- Configuring Alarm Inputs via 487
- Trigger Action Rules 487
- 7. Enable the Rules: 489
- LX Signal Notice Ease-of-Use 490
- 4. Select Signal Notify 492
- 5. Click OK or Apply to 492
- Configuring IPv6 493
- Scope-Global Addressing 494
- Scope-Local Addressing 494
- 6to4 Tunneling 494
- Viewing IPv6 Status 504
- Viewing the IPv6 NTP Address 505
- Viewing IPv6 Routes 506
- IPv6 Additions to Ping, SSH 509
- Web Browser Support for IPv6 510
- Additional Information 511
- RADIUS Authentication 512
- RADIUS Authentication Process 513
- Table A.1 Supported RADIUS 516
- RADIUS Access Request Packet 518
- Service Type 518
- About RADIUS and 520
- TACACS+ Accounting 520
- RADIUS Accounting Attributes 522
- TACACS+ Accounting Attributes 524
- TACACS+ Authentication and 526
- Authorization 526
- TACACS+ Server 528
- Auto Command 529
- Privilege Level 530
- C-6 Privilege Level 531
- Linux Man Pages for 532
- Commands 532
- Advanced Features 568
- Multi-Level Command Execution 569
- Multi-Level Commands 570
- The target command 571
- Multi-Level Commands Examples 572
- Enabling and Disabling 574
- TCP and IR Listener Ports 574
- Open Ports on the LX 575
- RADIUS Vendor 578
- Dictionary Files 578
- Configuring rlogin Support 586
- UNIX Host 587
- Local Network 587
- Remote Network 587
- Considerations 588
- FIPS 140-2 Support 592
- FIPS 140-2 Standard 593
- Prerequisites 594
- Notes and Restrictions 594
- 1. Log into the CLI 596
- Feature Impact Reason 601
- Upgrading Software 603
- Module Name 604
- NTP Client Overview 606
- How NTP Works 607
- J-4 How NTP Works 609
- Using Nested Menus 610
- About the Nested Menu Feature 611
- Creating the Menu File 614
- Command Description 615
- %menu_file 616
- %menu_start n header 616
- %menu_wait 617
- %menu_noprompt 617
- %menu_eof 618
- %menu_prompt prompt-text 618
- %menu_top x text-string 618
- %menu_up x text-string 618
- %menu_logout x text-string 619
- %menu_repaint x text-string 619
- General Guidelines 620
- Debugging the Menu File 620
- Sample File 2 624
- K-16 Sample File 2 625
- Sample File 2 K-17 626
- K-18 Sample File 2 627
- Sample File 2 K-19 628
- K-20 Sample File 2 629
- Using LXPORTD 630
- About LXPORTD 631
- LXPORTD man Pages 631
- Applications Examples 635
- Advanced LXPORTD Application 637
- Using LPD 642
- Semicolons Embedded 654
- LDAP Version 3 Environment 656
- Setup and Troubleshooting 656
- Sample Slapd.conf File 658
- TLSVerifyClient never 659
- 22 List of Procedures 683
Produits connexes et manuels pour Serveurs MRV Communications LX-4000 Series
(4 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.059 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels