User guide
Security Security command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4-82
Description This command lists Management Stations that were added to the Security module using
the security add mgmt-station command. It displays the following information about
Management Stations:
• Management station id number
• Management station name
• Subnet status (true/false)
• IP address (of subnet or first address in range)
• Subnet mask or last address of range
• Transport number
•Port number
• Idle timeout (minutes)
• Enabled status (true/false)
Example --> security list mgmt-stations
Management Stations:
ID | Name | Subnet | IP address | Mask/End Address | Interface | Transp
| Port | Idle | Enable
-------------------------------------------------------------------------------------
------------------------------
1 | new | false | 192.168.1.4 | 192.168.1.10 | ip1 | 17 |
26 | 10 | false
-------------------------------------------------------------------------------------
------------------------------
See also security add mgmt-station
4.2.7.1.20 SECURITY ADD TRIGGER TCP|UDP
Syntax SECURITY ADD TRIGGER <name> {TCP|UDP} <startport> <endport>
<maxactinterval>
Description This command adds a trigger to the Security module. A trigger allows an application to
open a secondary port in order to transport packets.
Some applications, such as FTP, need to open secondary ports - they have a control ses-
sion port (21 for FTP) but also need to use a second port in order to transport data.
Adding a trigger it means that you do not have to define static portfilters to open ports
for each secondary session. If you did this, the ports would remain open for potential use
(or misuse, see the command FIREWALL SET IDS SCANATTACKBLOCK) until the
portfilters were deleted. A trigger opens a secondary port dynamically, and allows you to
specify the length of time that it can remain inactive before it is closed.