Stelnet configuration examples ··································································································································· 329
SFTP configuration examples ······································································································································ 341
Network requirements ········································································································································· 347
Configuration procedure ···································································································································· 347
Configuring SSL ······················································································································································· 349
Overview ······································································································································································· 349
SSL security mechanism ······································································································································ 349
SSL protocol stack ··············································································································································· 350
FIPS compliance ··························································································································································· 350
Configuration task list ·················································································································································· 350
Configuring an SSL server policy ······························································································································· 350
Configuring an SSL client policy ································································································································ 352
Displaying and maintaining SSL ································································································································· 353
Troubleshooting SSL ····················································································································································· 353
SSL handshake failure ········································································································································· 353
Configuring SSL VPN ·············································································································································· 355
Overview ······································································································································································· 355
Advantages of SSL VPN ·············································································································································· 356
Configuring SSL VPN at the CLI ································································································································· 356
Configuring PKI ··················································································································································· 360
Configuring the SSL VPN service ······················································································································· 371
Configuring a resource group ··························································································································· 387
Configuring local users ······································································································································· 388
Configuring a user group ··································································································································· 391
Viewing user information ···································································································································· 393
Configuring a security policy ····························································································································· 408
User access to SSL VPN ·············································································································································· 415
Accessing SSL VPN resources ···························································································································· 417
Getting help information ····································································································································· 418
Changing the login password ···························································································································· 419
Network requirements ········································································································································· 419
Configuration prerequisites ································································································································ 420
Configuration procedure ···································································································································· 420
Verifying the configuration ································································································································· 433
viii