Ssl Client-Policy - H3C MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
Syntax
sms-imc enable
undo sms-imc enable
Default
IMC SMS message authentication is disabled.
Views
SSL VPN context view
Predefined user roles
network-admin
Usage guidelines
Before you execute this command, make sure SMS message authentication has been configured on
the IMC server.
In IP access mode, the authentication process for an SSL VPN user using an iNode client is as
follows:
1.
The iNode client sends a user login request to the SSL VPN gateway.
2.
The SSL VPN gateway obtains the verification code request from the login request and sends
the verification code request to the IMC server.
3.
The IMC server sends a verification code to the user through an SMS message and sends a
reply to the SSL VPN gateway.
4.
The SSL VPN gateway sends the reply to the iNode client.
5.
The user enters the username, password, and the received verification code on the login page
to pass authentication through the IMC server.
Examples
# Enable IMC SMS message authentication.
<Sysname> system-view
[Sysname] sslvpn context ctx1
[Sysname-sslvpn-context-ctx1] sms-imc enable
Related commands
sms-imc address
ssl client-policy
Use ssl client-policy to apply an SSL client policy to an SSL VPN context.
Use undo ssl client-policy to restore the default.
Syntax
ssl client-policy policy-name
undo ssl client-policy
Default
In non-FIPS mode, the default SSL client policy for SSL VPN is used. This policy supports the
rsa_rc4_128_md5 cipher suite.
In FIPS mode, the default SSL client policy for SSL VPN is used. This policy supports the
rsa_aes_128_cbc_sha cipher suite.
796
Advertisement
Table of Contents
