System Service Access - Tripp Lite B092-016 Owner's Manual

Chapter 3: Initial System Configuration
3.4

System Service Access

Service Access specifies which access protocols/services can be used to access the Console Server (and connected serial ports).
The Administrator can access and configure the Console Server (and connected devices) using a range of access protocols/
services – and for each such access, the particular service must be running with access through the firewall enabled.
By default HTTP , HTTPS, Telnet and SSH services are running, and these services are enabled on all network interfaces. However,
again by default, only HTTPS and SSH access to the Console Server is enabled, while HTTP and Telnet access is disabled.
For other services, such as SNMP/Nagios NRPE/NUT, the service must first be started on the relevant network interface using
Port Rules (refer Chapter 5.7). Then the Services Access can be set to allow or block access.
To change the access settings:
• Select the Service Access tab on the System: Firewall page. This will displays the services currently enabled for the
Console Server's network interfaces. Depending on the particular Console Server model the interfaces displayed may
include :
o Network interface (for the principal Ethernet connection)
o Dial out (V90 and cellular modem)
o Dial in (internal or external V90 modem)
o WiFi (802.11 wireless)
o OoB Failover (second Ethernet connections)
o VPN (IPSec or Open VPN connection over any network interface)
• Check/uncheck for each network which service access is to be enabled /disabled
In the example shown below local Administrators on local Network Interface LAN do not have Telnet access to the Console
Server itself (only SSH and HTTPS access) but they do have Telnet access to the serial console devices attached to the
console Server. Similarly remote Administrators using Dial In only can access the Nagios/NUT status from the console Server
while VPN connected Administrators have been given extensive services access.
26