ntls ipcheck enable

Enable NTLS validation of the client source IP address on network trust link client connections. Checking is enabled by default, and your client-to-Luna Network HSM 7 link is most secure when ipcheck remains enabled. In general, keep ipcheck enabled unless network address translation (NAT) is in use on the network between your client(s) and the Luna Network HSM 7 appliance. Consult your network administrator in this or any other situation where ipcheck might conflict with your overall network configuration.

NOTE   If the client certificate was created and registered to the appliance using a hostname that can be resolved by the DNS, ntls ipcheck performs a DNS lookup using the registered hostname and compares the resolved IP to the source IP. In this case, ipcheck succeeds even if the client's actual IP changes.
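The comparison described above, modelled as an added Python example (not Thales code and not part of the original page) that predicts which registered clients would be rejected once ipcheck is enabled. The function names, the sample clients and the addresses are constructed, and matching against any resolved IPv4 address is an assumption.

```python
import ipaddress
import socket

def resolve_ipv4(hostname):
    """Default resolver: every IPv4 address local DNS returns for hostname."""
    return {info[4][0] for info in socket.getaddrinfo(hostname, None, socket.AF_INET)}

def ipcheck_would_pass(registered, source_ip, resolver=resolve_ipv4):
    """Model of the source-IP comparison (an assumption, not the appliance's code).

    registered: value the client was registered with (IP literal or hostname).
    source_ip:  address the appliance sees on the connection, after any NAT.
    """
    src = ipaddress.ip_address(source_ip)
    try:
        # Registered by IP: direct comparison, no DNS lookup involved.
        return ipaddress.ip_address(registered) == src
    except ValueError:
        pass  # not an IP literal, so treat it as a hostname
    try:
        resolved = resolver(registered)
    except OSError:
        return False  # hostname does not resolve, so nothing can match
    return any(ipaddress.ip_address(addr) == src for addr in resolved)

def audit(clients, resolver=resolve_ipv4):
    """Return the labels of clients whose connections would fail the check."""
    return [label for label, registered, source_ip in clients
            if not ipcheck_would_pass(registered, source_ip, resolver)]

# Constructed sample data (RFC 5737 documentation addresses).
SAMPLE_DNS = {"app1.example.com": {"192.0.2.25"}}  # record updated after an IP change

def sample_resolver(hostname):
    """Offline stand-in for DNS so the example runs without a network."""
    if hostname not in SAMPLE_DNS:
        raise socket.gaierror("no such host (constructed)")
    return SAMPLE_DNS[hostname]

SAMPLE_CLIENTS = [
    # (label, registered as, source IP seen by the appliance)
    ("direct-ip",  "192.0.2.10",       "192.0.2.10"),    # IP unchanged
    ("behind-nat", "192.0.2.11",       "198.51.100.1"),  # NAT rewrites the source
    ("dns-moved",  "app1.example.com", "192.0.2.25"),    # DNS follows the new IP
    ("dns-nat",    "app1.example.com", "198.51.100.1"),  # hostname, but NATed
]

if __name__ == "__main__":
    print("Would fail ipcheck:", audit(SAMPLE_CLIENTS, sample_resolver))
```

Clients the audit flags need either a network path without NAT or a registration that matches the address the appliance actually sees before ipcheck is enabled.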

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

Syntax

ntls ipcheck enable

Example

lunash:>ntls ipcheck enable
NTLS client source IP validation enabled

Command Result : 0 (Success)