To
Add a Permitted IP
AddressYou can administer a NetScreen device from one or multiple addresses of a subnet. By default, any host on the trust interface can administer a NetScreen device. To restrict this ability to specific workstations, you must configure permitted IP addresses. However, be aware that by configuring a permitted IP address, you simultaneously block all the other hosts from administering the device. If you want more than one workstation to be able to administer the NetScreen device, you must add them individually as permitted IP addresses.
Note: Configuring a permitted IP address only restricts which workstation has administration rights to the NetScreen device and not who can administer it. Any administrator can log on to one of these workstations with their admin name and password and manage the device.
Note: The IP addresses you enter here are the addresses as perceived by the configured NAT device. If two or more hosts reside behind any NAT device that does many-to-one NAT, then it is only necessary to enter one "public" IP address, not the private IP addresses of individual hosts. To specify multiple host addresses, enter a single IP network address and its netmask.
To
Add a Permitted IP
AddressIn the IP Address/Netmask field:
To restrict administration to one address (one workstation), enter the specific IP address and 32 as the netmask.
Or
To allow administration from multiple addresses in a subnet, enter the specific IP network address and its netmask.
Note: If you enter an invalid IP address and click Add, the setting reverts to the 0.0.0.0 default IP address.
Click Add.
This table lists the IP addresses of the only workstations that can administer the NetScreen device.
To Remove a Permitted IP AddressIn the Configure column, click Remove for the permitted IP address you want to remove.
A system message prompts you to confirm the removal.
Click OK to continue or Cancel to cancel the action.