Enabling TCP Security

 

If you wish to deny access to the IOCOMM by certain hosts on the LAN or sub-nets of the LAN, proceed as follows:

  1. On the IOCOMM Main menu page, select Global configuration.
  2. Select TCP security.
  3. In First permitted IP addresses enter the Mask value and Mask result for the host(s) on the LAN or the sub-nets that will be permitted access to the IOCOMM

    For example, to allow access for a single IP address, set:

    Mask value

    [0xFFFFFF ]

    Mask result

    [ ] Desired IP address of device

  4. Repeat step 3 for the Second and Third entries (if required).
  5. Select Submit.
  6. Select Return to the Main menu.
  7. Re-boot the IOCOMM to make the change to TCP security effective.

Note: If access is attempted to the IOCOMM via a proxy server, the connection will fail unless the proxy server is also entered. If the IP address of the proxy server is entered, any connection attempted via that proxy will be accepted. This has potential security implications.

 

Global Messages

 

There are two types of messages that can be displayed for users of the IOCOMM. One is a login banner, the other is Message of the Day. The log in banner can be used to inform administrators of the location of the unit and its details. The information is also available on the Web page and via SNMP.

To set up this message facility follow the procedure below:

  1. On the IOCOMM Main menu page, select Global configuration.
  2. Select the Global messages option.

    The Global messages page allows you to enter any information that you feel would be relevant or useful to users of the IOCOMM in the Login banner and Message of the day fields.

    For example, the Login banner might say Welcome to the XYZ network. The Message of the day might say Network unavailable after 4pm today. Either message can be changed as and when required.

  3. Complete the text fields for Login banner and Message of the day as required.
    Note: TFTP paths to message files are also acceptable.
  4. You also have the option of entering general system information in the following fields; for example:

    Support contact

    [John_Brown]

    System description

    [Access_Server_03]

    System location

    [Accounts_Department]

    This information may be useful from a general network administration point of view. The information you enter in these fields will appear on the IOCOMM Administration page each time the Web browser for the IOCOMM is opened.

  5. The Support contact line can also be used to create an e-mail shortcut, enabling email messages to be sent directly to the relevant support person (either internally or externally). To use this facility, complete the field using the same form as in the following example:

    Support contact

    [mailto:john.brown@anycompany.co.uk]

    The e-mail shortcut can then be used by clicking on the mail address line shown on the IOCOMM Administration page. The e-mail address can be changed at any time.

    Note: The Product ID and Serial number are factory pre-set and cannot be changed.

  6. Select Submit.
  7. Select Return to the Main menu.

000127

Links to Configuration Tasks

Getting Started | Web Access | First Time Configuration Tour | Configuring DNS on IOCOMM | Changing Serial Line Configuration | Resetting a Serial Port | Using a Modem for Dial-in Operation | Outgoing Services | Disable Access | Adding a Terminal | Configuring the Synchronous Port (B) | Printing | Configuring RADIUS | Local Authentication | Dynamic Routing (RIP) | Enabling TCP Security | Global Messages | Configuring Status Logging | Telnet Service (telnetd) | Monitoring Status | Making Changes to IOCOMM