Nortel 3050 Command Reference Manual page 106
Vpn gateway
Hide thumbs
Also See for 3050:
- Troubleshooting manual (70 pages) ,
- Installation manual (22 pages) ,
- Implementation manual (15 pages)
Table of Contents
Advertisement
106 Command Reference
Table 26
HTTP Settings Menu Options (/cfg/ssl/server/http) (cont'd.)
Command Syntax and Usage
certcard
sslheader on|off
Copyright © 2007 Nortel Networks
.
•
on: The VPN Gateway sets the Secure attribute on the NVG session
cookie and all Set-Cookie headers generated by backend servers. It
directs the user agent to use only secure means to contact the origin
server whenever it sends back this cookie. For more information, see
RFC 2109.
•
off: The Secure attribute is not set. This may cause the NVG session
cookie to leak to a trap site through HTTP. This is the default value.
The default value is on.
Command used to handle security for client certificates on smart cards.
•
on: Configures the system to log out a remote user from the Portal
session as soon as the smart card is removed from the card reader.
•
off: The remote user will still be logged in to the Portal even if the smart
card is removed from the card reader. If the user logs out however, the
card must be reinserted in the card reader for the user to be able to log
back in.
The default value is off.
Note: Turning this feature on will make browser sessions for client certificate
users very slow, because a new SSL handshake has to be performed for
each GET request and only one HTTP request is allowed per SSL session.
The reason is that the client certificate is only sent by the client when a new
SSL session is negotiated. To detect that the card has been removed, a new
SSL handshake (full handshake, no reuse) must be forced for each request.
Nortel VPN Gateway
Command Reference
NN46120-103 01.01 Standard
10 September 2007
- Quick Links:
- Menu Basics
Hide quick links:
Advertisement
Table of Contents
