Manualshelf

User Manual

ManualsBrandsLantronix ManualsComputers & AccessoriesLantronix CONSLE Server 10/100MBPS ENET (SCS400-02)
181182183184185186187188189190
Security Event Logging
11-24
11.6.4.2 Preventing All IP Traffic
To prevent all IP packet traffic, you do not need to use a filter list. Instead, use the Define Site IP Disabled
command.
Figure 11-46: Preventing IP Packet Traffic
11.6.4.3 Setting Up a Filter List
Configuring filter lists involves two primary steps: creating the filter list, and associating the list with a
particular site.
1 When a filter list is created, it must be assigned a name of no more than 12 characters. The remainder
of the configuration consists of a series of rules that will filter packet traffic in a particular way.
Use the Set/Define Filter command to create a new filter.
Figure 11-47: Define Filter Command
Each rule is assigned a particular position in the filter list, denoted by a number. In Figure 11-47, the
rule Deny IP will be added to the firewall filter in the first position of the list. If a position number
isnt specified with the Set/Define Filter command, the rule will be added to the end of the filter list.
Note: Set/Define Filter has many parameters, which are described in detail on page
12-168.
2 A single filter list can be associated with many sites. Each site may use a filter list as an incoming,
outgoing, startup, or idle filter.
Note: Filter list types are described in Table 11-1 on page 11-23.
To associate a filter list with a site, use the Define Site Filter command.
Figure 11-48: Associating a Filter List With Sites
In Figure 11-48, filter firewall will be used as an idle filter for site irvine, and as an incoming filter
for site dallas. An example firewall is described in Creating a Firewall on page 11-29
Note: Filters can also be used with RADIUS. See Filter-ID on page D-3 for more
information.
11.7 Event Logging
Event logging enables a network administrator to track network and user activity. Logging can be
configured at a number of levels. For example, one level of logging may record only system problems
related to authentication, and another level may record all authentication activities (all passwords).
Local>> DEFINE SITE irvine IP DISABLED
Local>> DEFINE FILTER firewall ADD 1 DENY IP SRC 192.0.1.0 255.255.255.0
Local>> DEFINE SITE irvine FILTER IDLE firewall
Local>> DEFINE SITE dallas FILTER INCOMING firewall