Table of Contents
Advertisement
h3h5_in_the_lan.fm
HiPath 3000/5000 in the LAN Network
HG 1500 Board
Secure mode: SSL and VPN are active and configured. Access via CLI at the V.24 inter-
●
face and WBM (via HTTPS) are possible. Secure and insecure data transmission are pos-
sible according to the security policy configured.
Since a gateway in insecure mode would represent a weak point in the VPN, it must be placed
in secure mode before the VPN can be configured. This requires a certain degree of effort to
prevent any hackers from getting into the system during this phase of the process and under-
mining the subsequent steps taken.
The following steps must be taken for the gateway to be in secure mode:
1.
Connect a terminal (or a PC with a terminal emulation program) to the V.24 interface of the
gateway.
2.
Restart the gateway with the CLI command reset secure. When this is done, all user
settings are lost and all user data transmissions are interrupted until the gateway is recon-
figured.
At this point, the gateway is in "activation of SSL" mode. In this mode it can only be config-
ured using CLI at the V.24 interface – WBM, Telnet, HiPath 3000 Manager E and SNMP
are disabled.
3.
The gateway must be set up for SSL mode. First, the CLI command create SSL cer-
tificate must be used to generate a server certificate with which the gateway can iden-
tify itself to SSL clients. After that, SSL can be activated with the enable ssl command.
At this point, the gateway is in "secure administration" mode and can only be configured
using CLI at the V.24 interface or WBM via HTTPS – Telnet, HiPath 3000 Manager E and
SNMP are disabled.
4.
Start the browser for access to WBM and enter the gateway address with the protocol "ht-
tps://" (you can enter the port number "443" after the gateway address). The browser dis-
plays the previously configured server certificate which must be manually checked and ap-
proved. It can now also be installed in the browser to avoid future requests for it.
Use WBM to set up the VPN as described in the following section.
13-36
Nur für den internen Gebrauch
A31003-H3590-S100-7-7620, 06/2012
HiPath 3000/5000 V9, Service documentation
Hide quick links:
Advertisement
Table of Contents
