Security command reference
Security
4-79
iMG/RG Software Reference Manual (IPNetwork Functions)
2 | i2 | external
3 | i3 | dmz
---------------------------
See also
SECURITY SHOW INTERFACE
4.2.7.1.15 SECURITY SHOW INTERFACE
Syntax
SECURITY SHOW INTERFACE <name>
Description
This command displays information about a single interface that was added to the Security package using the security add interface command. The following interface information is displayed:
Interface name
Interface type (external, internal or DMZ)
Options
The following table gives the range of values for each option that can be specified with this command and a Default Value (if applicable).
Option | Description | Default Value
-------|-------------|--------------
name | An existing security interface. To display all interface names, use the security list interfaces command. | N/A
Example
--> security show interface f2
Interface name: f2
Interface type: internal
See also
SECURITY LIST INTERFACES
4.2.7.1.16 SECURITY ADD MGMT-STATION RANGE
Syntax
SECURITY ADD MGMT-STATION <name> {RANGE <start_addr> <end_addr> | SUBNET <address> <mask> } <transport_type> <port> <idle_timeout>
Description
This command creates a Management Station that allows a specific host (or range of hosts) to access your device directly, bypassing NAT and Firewall. IP packets from a Management Station are sent to the external interface (WAN) using a specific transport and port number. The Management Station is not enabled until you enable it using SECURITY SET MGMT-STATION.
Options
The following table gives the range of values for each option that can be specified with this command and a Default Value (if applicable).
Option | Description | Default Value
-------|-------------|--------------
name | An arbitrary name that identifies the management station. It can be made up of one or more letters or a combination of letters and digits, but it cannot start with a digit. | N/A
start_addr | The first remote host IP address in the range allowed. | N/A
end_addr | The last remote host IP address in the range allowed. | N/A
address | A specific IP address in the remote subnet allowed. | N/A
mask | The mask defining the remote subnet allowed. | N/A
transport_type | The number of the transport type used, e.g., TCP = 6, UDP = 17, wildcard = 255. | N/A
port | The port number used. This is only effective if the transport_type is set to 6 (TCP) or 17 (UDP). The wildcard is 65535. | N/A
idle_timeout | The idle time (in minutes). If no sessions are created by the Management Station within this setting the Station is disabled. If a session is created, that session uses the idle time set and the Station is not disabled until the session expires. | 0 (no timeout)
Example
--> security add mgmt-station ISP 192.168.1.1 255.255.255.0 17 26 10
See also
security set mgmt-station
4.2.7.1.17 SECURITY DELETE MGMT-STATION
Syntax
SECURITY DELETE MGMT-STATION <name>
Description
This command deletes a single Management Station that was added to the Security module using the SECURITY ADD MGMT-STATION command.
Options
The following table gives the range of values for each option that can be specified with this command and a Default Value (if applicable).
Option | Description | Default Value
-------|-------------|--------------
name | An existing Management Station. To display Management Station names, use the SECURITY LIST MGMT-STATION command. | N/A
Example
--> security delete mgmt-station ISP
See also
SECURITY ADD MGMT-STATION
SECURITY LIST MGMT-STATION
4.2.7.1.18 SECURITY SET MGMT-STATION
Syntax
SECURITY SET MGMT-STATION <name> {ENABLED|DISABLED}
Description
This command enables a Management Station that was added to the Security module using the SECURITY ADD MGMT-STATION command.
Options
The following table gives the range of values for each option that can be specified with this command and a Default Value (if applicable).
Option | Description | Default Value
-------|-------------|--------------
name | An existing Management Station. To display Management Station names, use the SECURITY LIST MGMT-STATION command. | N/A
enabled | Enables the Management Station. Once enabled, Management Station sessions can be created. | Disabled
disabled | Disables the Management Station. |
Example
--> set mgmt-station ISP enabled
See also
SECURITY ADD MGMT-STATION
SECURITY LIST MGMT-STATION
4.2.7.1.19 SECURITY LIST MGMT-STATION
Syntax
security list mgmt-stations
Description
This command lists Management Stations that were added to the Security module using
the security add mgmt-station command. It displays the following information about
Management Stations:
Management station id number
Management station name
Subnet status (true/false)
IP address (of subnet or first address in range)
Subnet mask or last address of range
Transport number
Port number
Idle timeout (minutes)
Enabled status (true/false)
Example
--> security list mgmt-stations
Management Stations:
ID | Name | Subnet | IP address  | Mask/End Address | Interface | Transp | Port | Idle | Enable
-----------------------------------------------------------------------------------------------
 1 | new  | false  | 192.168.1.4 | 192.168.1.10     | ip1       | 17     | 26   | 10   | false
-----------------------------------------------------------------------------------------------
See also
security add mgmt-station
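Because an enabled Management Station bypasses NAT and Firewall, the listing is worth reviewing for broad entries. The following is an added example, not part of the manual: it audits text in the column layout of the listing example above, assuming one station per line. The names `audit` and `host_count`, the `MAX_HOSTS` threshold and sample rows 2 and 3 are constructed for illustration.

```python
import ipaddress

# Constructed sample in the column layout of the manual's listing example.
# Row 1 is the manual's own row; rows 2 and 3 are invented for illustration.
SAMPLE = """\
ID | Name | Subnet | IP address | Mask/End Address | Interface | Transp | Port | Idle | Enable
1 | new | false | 192.168.1.4 | 192.168.1.10 | ip1 | 17 | 26 | 10 | false
2 | noc | true | 10.20.0.0 | 255.255.0.0 | ip1 | 255 | 65535 | 0 | true
3 | isp | true | 192.0.2.0 | 255.255.255.0 | ip1 | 6 | 22 | 15 | true
"""

WILDCARD_TRANSPORT = 255  # option table: wildcard = 255
WILDCARD_PORT = 65535     # option table: the wildcard is 65535
MAX_HOSTS = 256           # assumption: local policy threshold, not a device limit


def host_count(is_subnet, addr, mask_or_end):
    """Number of source addresses one station admits."""
    if is_subnet:
        net = ipaddress.ip_network(f"{addr}/{mask_or_end}", strict=False)
        return net.num_addresses
    start, end = ipaddress.ip_address(addr), ipaddress.ip_address(mask_or_end)
    if end < start:
        raise ValueError(f"range end {end} precedes start {start}")
    return int(end) - int(start) + 1


def audit(listing):
    """Map each station name to the findings for its row."""
    report = {}
    for line in listing.splitlines():
        cells = [c.strip() for c in line.split("|")]
        if len(cells) != 10 or not cells[0].isdigit():
            continue  # header, rule or blank line
        _, name, subnet, addr, mask_end, _, transp, port, idle, enabled = cells
        findings = []
        if int(transp) == WILDCARD_TRANSPORT:
            findings.append("wildcard transport")
        elif int(port) == WILDCARD_PORT:  # port only applies to TCP/UDP
            findings.append("wildcard port")
        if int(idle) == 0:
            findings.append("no idle timeout")
        hosts = host_count(subnet == "true", addr, mask_end)
        if hosts > MAX_HOSTS:
            findings.append(f"admits {hosts} addresses")
        if enabled == "true":
            findings.append("enabled")
        report[name] = findings
    return report
```

Calling `audit(SAMPLE)` returns an empty finding list for the manual's own row and flags the constructed `noc` row on transport, timeout, size and enabled state.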
4.2.7.1.20 SECURITY ADD TRIGGER TCP|UDP
Syntax
SECURITY ADD TRIGGER <name> {TCP|UDP} <startport> <endport>
<maxactinterval>
Description
This command adds a trigger to the Security module. A trigger allows an application to open a secondary port in order to transport packets.
Some applications, such as FTP, need to open secondary ports - they have a control session port (21 for FTP) but also need to use a second port in order to transport data.
Adding a trigger means that you do not have to define static portfilters to open ports for each secondary session. If you did this, the ports would remain open for potential use (or misuse, see the command FIREWALL SET IDS SCANATTACKBLOCK) until the portfilters were deleted. A trigger opens a secondary port dynamically, and allows you to specify the length of time that it can remain inactive before it is closed.
Options
The following table gives the range of values for each option that can be specified with this command and a Default Value (if applicable).
Option | Description | Default Value
-------|-------------|--------------
name | An arbitrary name that identifies the trigger. It can be made up of one or more letters or a combination of letters and digits, but it cannot start with a digit. | N/A
tcp | Adds a trigger for a TCP application to the security package. | N/A
udp | Adds a trigger for a UDP application to the security package. | N/A
startport | Sets the start of the trigger port range for the control session. | N/A
endport | Sets the end of the trigger port range for the control session. | N/A
maxactinterval | Sets the maximum interval time (in milliseconds) between the use of secondary port sessions. If a secondary port opened by a trigger has not been used for the specified time, it is closed. | 3000
Example
The following example creates a Netmeeting (H323) trigger:
--> security add trigger t1 tcp 1720 1720 30000
See also
SECURITY LIST TRIGGERS
SECURITY ADD TRIGGER NETMEETING
4.2.7.1.21 SECURITY ADD TRIGGER NETMEETING
Syntax
SECURITY ADD TRIGGER <name> NETMEETING
Description
This command allows you to use the example trigger provided by the CLI. It allows you to add a trigger to allow Netmeeting to transport data through the Security package. This application opens a secondary port session. You do not have to set the port range or maxactinterval for a Netmeeting trigger - the CLI automatically sets these for you.
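The inactivity timer that maxactinterval sets for a trigger's secondary ports, as an added example that is not part of the manual and not the device's code. It is a simplified model: the `Trigger` class and its method names are hypothetical, and the secondary port number is passed in by the caller because the page does not describe how the device learns it.

```python
class Trigger:
    """Simplified model of a trigger as the manual describes it."""

    def __init__(self, startport, endport, maxactinterval_ms=3000):
        # Control-session port range; 3000 ms is the default in the option table.
        self.control_ports = range(startport, endport + 1)
        self.maxact = maxactinterval_ms
        self.secondary = {}  # secondary port -> time of last use, in ms

    def open_secondary(self, control_port, secondary_port, now_ms):
        """A control session on a trigger port asks for a secondary port."""
        if control_port not in self.control_ports:
            return False  # outside the trigger range: nothing is opened
        self.secondary[secondary_port] = now_ms
        return True

    def _expire(self, now_ms):
        # Close every secondary port unused for maxactinterval or longer.
        for port, last_used in list(self.secondary.items()):
            if now_ms - last_used >= self.maxact:
                del self.secondary[port]

    def packet(self, port, now_ms):
        """Pass a packet on an open secondary port and restart its timer."""
        self._expire(now_ms)
        if port in self.secondary:
            self.secondary[port] = now_ms
            return True
        return False

    def open_ports(self, now_ms):
        """Secondary ports still open at now_ms."""
        self._expire(now_ms)
        return sorted(self.secondary)


if __name__ == "__main__":
    ftp = Trigger(21, 21)                 # FTP control port from the text
    ftp.open_secondary(21, 50000, 0)      # 50000 is a constructed data port
    print(ftp.packet(50000, 2000))        # used within 3000 ms
    print(ftp.open_ports(5000))           # idle 3000 ms since last use
```

Each use restarts the timer, so the port stays open only while traffic keeps arriving within maxactinterval, unlike a static portfilter that stays open until it is deleted.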
