Enabling the Advance Device Security policy
1. Connect to the switch and log in as admin.
2. Enter the ag
Disabling the Advance Device Security policy
1. Connect to the switch and log in as admin.
2. Enter the ag
Setting which devices can log in if ADS policy is enabled
You can determine which devices are allowed to log in on a per F_Port basis by specifying the
device's port WWN (PWWN). Use the ag --adsset command to determine which devices are
allowed to log in to a specified set of F_Ports. Lists must be enclosed in double quotation marks.
List members must be separated by semicolons. The maximum number of entries in the allowed
device list is twice the per port maximum log in count. Replace the WWN list with an asterisk (*) to
indicate all access on the specified F_Port list. Replace the F_Port list with an asterisk (*) to add
the specified WWNs to all the F_Ports' allow lists. A blank WWN list ("") indicates no access. The
ADS policy must be enabled for this command to succeed.
NOTE
Use an asterisk enclosed in quotation marks,"*", to set the Allow list to "All Access" to all F_Ports;
use a pair of double quotation marks ("") to set the Allow list to "No Access".
Note the following characteristics of the Allow List:
For example, to set the list of allowed devices for ports 1, 10, and 13 to all access:
1. Connect to the switch and log in as admin.
2. Enter the ag --adsset "1;10;13""*" command.
Access Gateway Administrator's Guide
53-1000605-02
policyenable ads command.
--
switch:admin> ag --policyenable ads
The policy ADS is enabled
policydisable ads command.
--
switch:admin> ag --policydisable ads
The policy ADS is disabled
•
The maximum device entries allowed in the Allow List is twice the per port max login count
•
Each port can be configured to "not allow any device" or "to allow all the devices" to log in
•
If the ADS policy is enabled, by default, every port is configured to allow all devices to log in
•
The same Allow List can be specified for more than one F_Port.
switch:admin> ag–-adsset"1;10;13""*"
WWN list set successfully as the Allow Lists of the F_Port[s]
Access Gateway policies
2
9