ntls bind
Binds the network trust link service (NTLS) to a network device. You can bind NTLS to a specific device (eth0, eth1, eth2, or eth3), all devices (eth0, eth1, eth2, and eth3) or to a bonded interface (bond0 or bond1). See network interface bonding for more information about creating a bonded interface.
NOTE You can bind your NTLS traffic to an IPv4 or IPv6 device, but not to both IPv4 and IPv6 devices simultaneously. If some of the network devices on your Luna Network HSM are configured with IPv4 addresses, while others are configured with IPv6 addresses, the ntls bind all command will bind NTLS to all IPv4 devices, while the ntls bind all -ipv6 command will bind NTLS to all IPv6 devices.
You must restart the NTLS service for the change to take effect (see service restart):
> if the device you are binding to is configured and active, the NTLS traffic is bound to the new device immediately after NTLS restarts.
>if the device you are binding to is not configured or is inactive, the NTLS binding configuration is updated, but the NTLS traffic keeps its current binding. The NTLS traffic will begin using the new configuration only after you configure and connect the interface so that it becomes active, and restart the NTLS service.
If you wish, client traffic restriction could complement SSH traffic restriction using the command sysconf ssh ip or sysconf ssh device, which restrict administrative traffic (over SSH) to a specific IP address or device name on your Luna Network HSM.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
ntls bind <netdevice> [-force] [-ipv6]
Argument(s) | Shortcut | Description |
---|---|---|
-force | -f | Force the action without prompting. |
-ipv6 | -i | Use with ntls bind all to bind all IPv6 devices. This parameter is not required when binding to a specific IPv6 device (eth0, eth1, eth2, or eth3), or a specific bonded device (bond0 or bond1). |
<netdevice> |
Specifies the network device you want to bind to the NTLS service. All NTLS traffic to the appliance will use the specified network device. Valid values: all: Bind to all devices. Use without the -ipv6 parameter to bind to all IPv4 devices. Use with the -ipv6 parameter to bind to all IPv6 devices. bond0: Bind to the bond0 interface. See network interface bonding. bond1: Bind to the bond1 interface. eth0: Bind to the eth0 device. eth1: Bind to the eth1 device. eth2: Bind to the eth2 device. eth3: Bind to the eth3 device. Default: all (0.0.0.0). This will bind to all IPv4 devices. |
Example
lunash:>ntls bind eth0
NTLS binding set to network device eth0. You must restart the NTLS service for the new settings to take effect.
If you are sure that you wish to restart NTLS, then type 'proceed', otherwise type 'quit'
>proceed Proceeding...
Restarting NTLS service...
Stopping ntls: [ OK ]
Starting ntls: [ OK ]
Command Result : 0 (Success)