Specifying IP Addresses for Firewall Rules

You can either limit communication to only devices with specified IP addresses, or block devices with specified IP addresses but permit other communications. You can specify a single IP address or a range of IP addresses.
Up to 16 IP addresses (or ranges of IP addresses) can be specified for both IPv4 and IPv6.
The packet filters described in this section control communications over TCP, UDP, and ICMP.
1
Start the Remote UI and log on in System Manager Mode. Starting Remote UI
2
Click [Settings/Registration].
3
Click [Security Settings]  [IP Address Filter].
4
Click [Edit...] for the filter type that you want to use.
[IPv4 Address: Outbound Filter]
Select to restrict sending data from the machine to a computer by specifying IPv4 addresses.
[IPv4 Address: Inbound Filter]
Select to restrict receiving data from the machine to a computer by specifying IPv4 addresses.
[IPv6 Address: Outbound Filter]
Select to restrict sending data from the machine to a computer by specifying IPv6 addresses.
[IPv6 Address: Inbound Filter]
Select to restrict receiving data from the machine to a computer by specifying IPv6 addresses.
5
Specify the settings for packet filtering.
Select the default policy to allow or reject the communication of other devices with the machine, and then specify IP addresses for exceptions.
1
Select the [Use Filter] check box and click the [Reject] or [Allow] radio button for the [Default Policy].
[Use Filter]
Select the check box to restrict communication. Clear the check box to disable the restriction.
[Default Policy]
Select the precondition to allow or reject the communication of other devices with the machine.
[Reject]
Select to pass communication packets only when they are sent to or received from devices whose IP addresses are entered in [Exception Addresses]. Communications with other devices are prohibited.
[Allow]
Select to block communication packets when they are sent to or received from devices whose IP addresses are entered in [Exception Addresses]. Communications with other devices are permitted.
2
Specify address exceptions.
Enter the IP address (or the range of IP addresses) in the [Address to Register] text box and click [Add].

Check for entry errors
If IP addresses are incorrectly entered, you may be unable to access the machine from the Remote UI, in which case you need to set <IPv4 Address Filter> or <IPv6 Address Filter> to <Off>. IPv4 Address Filter    IPv6 Address Filter

Entry form for IP addresses
Description
Example
Entering a single address
IPv4:
Delimit numbers with periods.
192.168.0.10
IPv6:
Delimit alphanumeric characters with colons.
fe80::10
Specifying a range of addresses
Insert a hyphen between the addresses.
192.168.0.10-192.168.0.20
Specifying a range of addresses with a prefix
Enter the address, followed by a slash and a number indicating the prefix length.
192.168.0.32/27

fe80::1234/64
When [Reject] is selected for an outbound filter
Outgoing multicast and broadcast packets cannot be filtered.
Deleting an IP address from exceptions
Select an IP address and click [Delete].
3
Click [OK].
6
Restart the machine.
Turn OFF the machine, wait for at least 10 seconds, and turn it back ON.
You can enable or disable the IP Address Filter settings from <Menu>. IPv4 Address Filter    IPv6 Address Filter
1427-085