LEGRAND Server Technology PRO3X User Manual page 193

• • Make changes to the selected rule, and then click Save.
• • Click
to remove it.
• • To re-sort its order, click
5) Click Save.
• IPv4 rules: Make sure you click the Save button in the IPv4 section, or the changes made to IPv4 •
rules are not saved.
• IPv6 rules: Make sure you click the Save button in the IPv6 section, or the changes made to IPv6 •
rules are not saved.
Creating Role Based Access Control Rules
Role-based access control rules are similar to IP access control rules, except that they are applied to
members of a specific role. This enables you to grant system permissions to a specific role, based on
their IP addresses.
Same as IP access control rules, the order of role-based access control rules is important, since the rules
are executed in numerical order.
▶
To create IPv4 role-based access control rules:
1) Choose Device Settings > Security > Role Based Access Control.
2) Select the 'Enable role based access control for IPv4' checkbox to enable IPv4 access control rules.
3) Determine the IPv4 default policy.
• • Accept: Accepts traffic when no matching rules are present.
• Deny: Rejects any user's login attempt when no matching rules are present. •
4) Create rules. Refer to the tables below for different operations.
ADD a rule to the end of the list
• •
Click Append.
• •
Type a starting IP address in the Start IP field.
• •
Type an ending IP address in the End IP field.
• •
Select a role in the Role field. This rule applies to members of this role only.
• •
Select an option in the Policy field.
• • Accept: Accepts traffic from the specified IP address range when the user is a member of
the specified role.
• •
Deny: Rejects the login attempt of a user from the specified IP address range when that
user is a member of the specified role.
INSERT a rule between two rules
or .
193