The Access Control dialog allows managing the IP addresses, subnets and domain names, which are allowed to access the camera or which are prevented from accessing the camera. This possibility to control access to the camera uses the IP protocol level, is independent of password-based user authentication on HTTP protocol level and supersedes password-based authentication. If a computer does not have IP-level access to the camera, there is no possibility to reach the camera from that computer. If a computer has IP-level access to the camera, password-based user authentication follows as next step, as specified in the Users and Passwords dialog.
The rules (IP addresses, subnets and domain names) are specified in the Access Rules for Allow and Access Rules for Deny sections of the dialog. The No Match section controls all IP addresses, subnets and domain names, which are not mentioned in one of the other access rules.
Access Rule |
Description |
---|---|
Allow |
If the rule (i.e. IP address/subnet/domain name) applies, access to the camera is granted. |
Temporary Allow |
If the rule applies, access to the camera is granted. This rule is only used until the next camera reboot. |
Deny |
If the rule applies, access to the camera is denied. |
Temporary Deny |
If the rule applies, access to the camera is denied. This rule is only used until the next camera reboot. |
Inactive |
This rule will be ignored. |
Delete rule |
This option is only available for existing rules. Activate this checkbox to delete the rule. |
A single IP address in the commonly used notation (xxx.xxx.xxx.xxx
, e.g. 192.168.1.163
).
A complete subnet as IP/MASK
, where IP and MASK are specified in the commonly used notation (xxx.xxx.xxx.xxx/nnn.nnn.nnn.nnn
, e.g. 192.168.1.0/255.255.255.0
).
A single computer as fully qualified domain name, e.g. ftp.mobotix.com
.
All computers in a DNS domain, where the domain has to start with a dot (full stop), e.g. .mobotix.com
.
If you would like to use domain names, make sure that a DNS server has been set in the Ethernet Interface dialog.
Processing starts when a network device (e.g. computer) tries to establish a TCP/IP connection to the camera's web server. The camera first processes the Access Rules for Allow. If the accessing computer (device) is found in the rules, the camera grants access to the web server. If none of the Access Rules for Allow applies, the Access Rules for Deny are applied. If a Deny access rule applies, the HTTP connection will be closed with an error message. If none of the Allow/Deny rules apply, access is controlled by the setting of the No Match section.
The computer ftp.mobotix.com
should be able to directly access the camera.
All other computers of the domain mobotix.com
should not be able to access the camera.
All other computers not belonging to the domain mobotix.com
should also be able to access the camera.
Access Rule |
Mode |
Rule |
---|---|---|
Allow |
Allow |
|
Deny |
Deny |
|
No match |
Allow |
- |
Click on the Set button to activate your settings and to save them until the next reboot of the camera.
Click on the Factory button to load the factory defaults for this dialog (this button may not be present in all dialogs).
Click on the Restore button to undo your most recent changes that have not been stored in the camera permanently.
Click on the Close button to close the dialog. While closing the dialog, the system checks the entire configuration for changes. If changes are detected, you will be asked if you would like to store the entire configuration permanently.