Specifying IP Addresses for Firewall Rules
You can either limit communication to only devices with specified IP addresses, or block devices with specified IP addresses but permit other communications. You can specify a single IP address or a range of IP addresses.
|
Up to 4 IP addresses (or ranges of IP addresses) can be specified for both IPv4 and IPv6.
The packet filters described in this section control communications over TCP, UDP, and ICMP.
|
1
Start the Remote UI and log on in System Manager Mode.
Starting Remote UI
2
Click [Settings/Registration].
3
Click [Security Settings]
[IP Address Filter].
4
Click [Edit] for the filter type that you want to use.
[IPv4 Address: Inbound Filter]
Select to restrict receiving data from the machine to a computer by specifying IPv4 addresses.
[IPv6 Address: Inbound Filter]
Select to restrict receiving data from the machine to a computer by specifying IPv6 addresses.
5
Specify the settings for packet filtering.
[Blocked Addresses]
Register addresses to be blocked, as well as check or delete registered blocked addresses.
[Allowed Addresses]
Register addresses to be allowed, as well as check or delete registered allowed addresses.
1
|
Select the [Use Filter] check box.
Select the check box to restrict communication. Clear the check box to disable the restriction.
|
2
|
Specify the address.
Enter the IP address (or the range of IP addresses) in the [Address to Register] text box and click [Add].
Registered address
|
Result
|
[Blocked Addresses]
|
Restricts communication (received) with devices having their IP addresses entered for [Address to Register]. Communication is allowed with devices with any other IP addresses.
|
[Allowed Addresses]
|
Allows communication (received) only with devices having their IP addresses entered for [Address to Register], and restricts communication with devices with any other IP addresses.
|
Registered as both
|
Allows communication (received) only with devices having their IP addresses registered in [Allowed Addresses], and restricts communication with devices with any other IP addresses. However, communication is restricted for IP addresses also registered in [Blocked Addresses].
|
Check for entry errors
If IP addresses are incorrectly entered, you may be unable to access the machine from the Remote UI, in which case you need to set <IPv4 Address Filter> or <IPv6 Address Filter> to <Off>. IPv4 Address Filter IPv6 Address Filter
Entry form for IP addresses
|
Description
|
Example
|
Entering a single address
|
IPv4: Delimit numbers with periods.
|
192.168.0.10
|
IPv6: Delimit alphanumeric characters with colons.
|
fe80::10
|
Specifying a range of addresses
|
Insert a hyphen between the addresses.
|
IPv4:
192.168.0.10-192.168.0.20
|
IPv6:
fe80::10-fe80::20
|
Specifying a range of addresses with a prefix (IPv6 only)
|
Enter the address, followed by a slash and a number indicating the prefix length.
|
fe80::1234/64
|
Deleting an IP address from exceptions Select an IP address and click [Delete].
|
3
|
Click [OK].
|
LINKS