Access-list
Restricts access to internal functions via TCP/IP
The access to internal functions of the router may be controlled by an access list in TCP/IP applications.
NOTE: The configuration data of the device are protected by a password, however this is always transferred in plain text, making it possible in principle to detect it and for any computer to read the configuration or to delete it. In order to prevent this from happening, the access list can be used to determine which computers or which networks can access the configuration.
For reasons of consistency, the access control is based on all "internal functions" of the router. The term "internal functions" refers to the following:
![]()
Telnet server: the configuration interface based on the Telnet protocol.
![]()
TFTP server: the configuration interface based on the TFT protocol.
![]()
SNMP: the configuration interface based on the SNMP. Each of the maximum of 16 entries in the access list has the following structure:
IP-address IP-netmask IP address of the authorized user (or user circle) IP network mask of the user circle Once an IP workstation with its IP address and the network mask 255.255.255.255 is entered into the list, the internal functions of the router can only be accessed from this computer. Any requests from devices with different IP addresses are ignored.
If a complete network has access enabled to an ELSA LANCOM, this can be done as follows for a class C network:
IP-address IP-netmask 192.234.222.0 255.255.255.0 With this entry all IP addresses in the class C network 192.234.222.0 are authorized to use internal functions of the router.
© Copyright 2001, ELSA AG http://www.elsa.de |