Working With Ranges - HP 800 User Manual
Network access controller
Hide thumbs
Also See for 800:
- User manual (586 pages) ,
- Manual (106 pages) ,
- Installation manual (34 pages)
Table of Contents
Advertisement
Working with Ranges
In NAC 800 implementations, particularly in trial installations where you are
connecting and disconnecting cables to a number of different types of end-
points, you can filter the activity by specifying the following:
■
Ranges to monitor – This property filters results in the display
window, it does not keep NAC 800 from testing other systems.
Ranges to ignore – Does not test the ranges listed.
■
Ranges to enforce – This property is only valid for DHCP mode. It
■
modifies the iptables QUEUE rule such that only the networks set to
be enforced will ever get quarantine addresses.
To specify ranges to monitor:
NAC 800 home window>>System configuration>>Select an Enforcement
Cluster>>Advanced menu option
In the Endpoint detection area, enter the range of addresses to monitor in the
IP addresses to monitor text field. Separate ranges with a hyphen or use CIDR
notation.
To specify ranges to ignore:
NAC 800 home window>>System configuration>>Enforcement clusters &
servers>>Select an Enforcement Cluster>>Advanced menu option
In the Endpoint detection area, enter the range of addresses to ignore in the IP
addresses to ignore text field. Separate ranges with a hyphen or use CIDR
notation.
To specify ranges to enforce:
NAC 800 home window>>System configuration>>Quarantining menu option
Select the DHCP radio button in the Quarantine method area.
1.
2.
Select the Restrict enforcement of DHCP requests to these relay agent IP
addresses radio button.
Enter IP addresses in the DHCP relay IP addresses to enforce text box. Enter
3.
individual DHCP relay agent IP addresses, separated by carriage returns.
These addresses must be a subset of either the quarantined or non-
quarantined subnets.
System Administration
Working with Ranges
13-39
Advertisement
Chapters
Table of Contents
