HP 6600 Security Configuration Manual page 10

Table of Contents

Stelnet configuration examples ··································································································································· 329

Password authentication enabled Stelnet server configuration example ······················································ 329

Publickey authentication enabled Stelnet server configuration example ······················································· 331

Password authentication enabled Stelnet client configuration example ························································ 336

Publickey authentication enabled Stelnet client configuration example ························································ 339

SFTP configuration examples ······································································································································ 341

Password authentication enabled SFTP server configuration example ·························································· 341

Publickey authentication enabled SFTP client configuration example ··························································· 343

SCP file transfer with password authentication ········································································································· 346

Network requirements ········································································································································· 347

Configuration procedure ···································································································································· 347

Configuring SSL ······················································································································································· 349

Overview ······································································································································································· 349

SSL security mechanism ······································································································································ 349

SSL protocol stack ··············································································································································· 350

FIPS compliance ··························································································································································· 350

Configuration task list ·················································································································································· 350

Configuring an SSL server policy ······························································································································· 350

Configuring an SSL client policy ································································································································ 352

Displaying and maintaining SSL ································································································································· 353

Troubleshooting SSL ····················································································································································· 353

SSL handshake failure ········································································································································· 353

Configuring SSL VPN ·············································································································································· 355

Advantages of SSL VPN ·············································································································································· 356

Configuring SSL VPN at the CLI ································································································································· 356

SSL VPN configuration example at the CLI ··············································································································· 357

Configuring SSL VPN in the Web interface ·············································································································· 359

Recommended configuration procedure ··········································································································· 359

Configuring PKI ··················································································································································· 360

Configuring the SSL VPN service ······················································································································· 371

Configuring Web proxy server resources········································································································· 372

Configuring TCP application resources ············································································································ 375

Configuring IP network resources ······················································································································ 381

Configuring a resource group ··························································································································· 387

Configuring local users ······································································································································· 388

Configuring a user group ··································································································································· 391

Viewing user information ···································································································································· 393

Performing basic configurations for the SSL VPN domain ·············································································· 394

Configuring authentication policies ··················································································································· 397

Configuring a security policy ····························································································································· 408

Customizing the SSL VPN user interface ··········································································································· 411

User access to SSL VPN ·············································································································································· 415

Logging in to the SSL VPN service interface ····································································································· 416

Accessing SSL VPN resources ···························································································································· 417

Getting help information ····································································································································· 418

Changing the login password ···························································································································· 419

SSL VPN configuration example in the Web interface ···························································································· 419

Configuration prerequisites ································································································································ 420

Verifying the configuration ································································································································· 433

viii