IP Access Control Lists

When deploying new IP telephone software, it is likely that you will use a subset of the telephone population for testing.

The Avaya IP Telephone File Server Application server offers the Access control list concept to define which IP addresses are allowed access to its various files. Using IP Access Control lists, each HTTP and HTTPS server checks the data subdirectory (TFTPdata, FTPdata, HTTPdata, or HTTPS data) for a fixed name file prefixed with its type. For example:

“TFTP_allow_IP.txt” (46xx only)

“FTP_allow_IP.txt” (46xx only)

“HTTP_allow_IP.txt”

“HTTPS_allow_IP.txt”

Alternatively, you can place the same generic file “allow_IP.txt” in each directory.

NOTE: The xxx_allow_IP.txt file itself can be automatically distributed as part of the TFTP download mechanism if placed in zipped format in the Updates directory of the fileserver. All the contents are unzipped and placed in the respective sub-directories. Alternatively, an administrator can use the FTP SuperUser mode to log into the remote IP Telephone File Server Application server and place access control lists in the given server directories.

If one of these files exists, it is used for each GET request to determine if the requester is listed. The server-specific file is used if it exists. Alternatively, the request uses the generic file.

The list format takes one of three styles:

• a full IP address, for example, 192.168.0.1,
• a partial IP address, for example, 192.168.0, or
• a range without spaces in the form 192.168.0.1-192.168.0.128, for example.

Put each entry in a simple text file on a separate line.