Manual (PDF) - Rose Electronics
Manual (PDF) - Rose Electronics
Manual (PDF) - Rose Electronics
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Appendix D – IP Access Control<br />
Setting IP access control<br />
The golden rule with this feature is ‘Include before you exclude’ or to put it another way<br />
‘Arrange allowed addresses in the list before the denied addresses’.<br />
This is because the positions of entries in the list are vitally important. Once a range of<br />
addresses is denied access, it is not possible to make exceptions for particular addresses<br />
within that range. For instance, if the range of addresses from A to F are denied access first,<br />
then the address C could not be granted access lower down the list. Address C needs to be<br />
placed in the list before the denied range.<br />
IMPORTANT: This feature should be configured with extreme caution as it is possible to deny<br />
access to everyone. If such an error occurs, see Clear IP access control for details about how<br />
to regain access.<br />
In the list, access control addresses prefixed by ‘+’ are allow entries while those prefixed<br />
by ‘– ‘ are deny entries.<br />
To define a new IP access control entry, click the Add button to display a popup dialog:<br />
Network/Address<br />
Enter the network address that is allowed or<br />
denied access. If a range of addresses is<br />
being specified then specify any one of the<br />
addresses within the range and use the<br />
Mask entry to indicate the size of the range.<br />
(See address range and mask sections)<br />
The IP access control function uses a standard IP address and a net mask notation to specify<br />
both single locations and ranges of addresses. In order to use this function correctly, you need<br />
to calculate the mask so that it accurately encompasses the required addresses.<br />
Single locations<br />
Some of the simplest addresses to allow or deny are single locations. In this case you enter the<br />
required IP address into the ‘Network/Address’ field and simply enter the ‘Mask’ as<br />
255.255.255.255 (255 used throughout the mask means that every bit of the address will be<br />
compared and so there can only be one unique address to match the one stated in the<br />
‘Network/Address’ field).<br />
All locations<br />
The other easy setting to make is ALL addresses are allowed or denied. Using the mask<br />
0.0.0.0 as standard, the IP access control section includes the entry: +0.0.0.0/0.0.0.0.The<br />
purpose of this entry is to include all IP addresses. It is possible to similarly exclude all<br />
addresses, however, take great care not to do this as you instantly render all network access<br />
void. There is a recovery procedure should this occur.<br />
50 Vista Remote 2 Installation and Operations <strong>Manual</strong>