Skip to main content

Configuring Access Restriction

Use the information in this topic to view or change the settings that block access from IP addresses or MAC addresses to the XClarity Controller.

Click Network under BMC Configuration to view or modify XClarity Controller access control settings.

Block List and Time Restriction

These options allow you to block specific IP/Mac addresses for specific period of time.

  • List of Blocked IP Addresses

    • You can enter up to three IPv4 addresses or ranges and three IPv6 addresses or ranges separated by commas, which are not allowed to access the XClarity Controller. Refer to the IPv4 examples below:

    • Single IPv4 address sample: 192.168.1.1

    • Supernet IPv4 address sample: 192.168.1.0/24

    • IPv4 range sample: 192.168.1.1–192.168.1.5

  • List of Blocked MAC address

    • You can enter up to three MAC addresses separated by commas, which are not allowed to access the XClarity Controller. For example: 11:22:33:44:55:66.

  • Restricted Access (one time)

    • You can schedule a one-time time interval during which the XClarity Controller cannot be accessed. For the time interval that you specify:

    • The beginning date and time must be later than the current XCC time.

    • The ending date and time must be later than the beginning date and time.

  • Restricted Access (daily)

    • You can schedule one or more daily time intervals during which the XClarity Controller cannot be accessed. For each time interval that you specify:

    • The ending date and time must be later than the beginning date and time.

Externally Triggered Block List

These options allow you to setup automatic blocking of specific IP addresses (IPv4 and IPv6) from which client successively attempted to log in to XClarity Controller with different incorrect username or password.

Automatic blocking will dynamically determines when excessive login failures occur from a particular IP address and blocks that address from accessing XClarity Controller for a predetermined amount of time.

  • Maximum number of login failures from a particular IP

    • The maximum number of times indicates the number of login failures allowed for a user with an incorrect password from a specific IP address before it becomes locked-out.

    • If set to 0, IP address will never be locked due to login failures.

    • The failed login counter for the specific IP address will be reset to zero after successful login from that IP address.

  • Lockout period for blocking an IP

    • The minimum amount of time (in minutes) that must pass before a user can attempt to log back in again from a locked IP address.

    • If set to 0, access from the locked IP address remains blocked-out until the administrator explicitly unlocks it.

  • Block List

    • The table Block List displays all locked IP addresses. You can unlock one or all IP addresses from the Block List.