config system protocols filter¶
Opens an editor that allows you to filter management IP connectivity to the Lantronix Local Manager. Using source IP address as a parameter, the system specifically allows or denies listed IP address/subnet mask combinations.
Command availability¶
CLI resource: system
Lantronix system: All
LMS offerings: All
Syntax¶
Subcommands¶
[no] allow ["ip|ipv6 address/subnet mask"]
[no] deny ["ip|ipv6 address/subnet mask"]
show
exit
Usage¶
The initial filter is allow all.
Once filtering is implemented, all managed device IP addresses must be specified in config info for each port to allow TFTP/FTP traffic to the system.
Subnet mask bits can be entered in either decimal (/27) or dotted-decimal (255.255.255.252).
Changes affect new connections to the system. Changes are applied when you exit the editor.
Improper subnet boundaries will be corrected automatically to the closest complete range.
Specifically denied addresses are filtered from those specifically allowed. The all keyword is overridden by any specific allow or deny statement. If you issue the deny all command after allowing an address, that address remains allowed. In the example below, all addresses that have not been explicitly allowed will be denied.
[admin@LantronixLM]# config system protocols filter
[config system protocols filter]# allow 172.16.100.80/28
[config system protocols filter]# allow 2001:DB8:1e0:30::0/32
[config system protocols filter]# deny all
[config system protocols filter]# exit
[admin@LantronixLM]#
In the Lantronix web interface¶
Inventory > group page > Network > Protocols > IP Filtering - specific to this inventory group
Inventory > Local Manager page > Network > Protocols > IP Filtering - specific to this system
History¶
3.4 - This command was introduced
4.3 - Added IPv6 filters
Related commands¶
- show system protocols