Accessing the Avaya G250/G350 Media Gateway
Enabling and disabling telnet access
You can enable and disable the G250/G350's ability to establish incoming and outgoing telnet
connections, using the following commands. You can only use these commands when
accessing the G250/G350 via a direct connection to the console port.
Use the ip telnet command to enable the G250/G350 to establish an incoming telnet
●
connection. Use the no form of this command to disable the G250/G350's ability to
establish an incoming telnet connection.
Use the ip telnet-client command to enable the G250/G350 to establish an
●
outgoing telnet connection. Use the no form of this command to disable the G250/G350's
ability to establish an outgoing telnet connection.
Managing gateway secrets
The G250/G350 provides a mechanism for storage, backup, and restore of sensitive materials
(passwords and keys) maintained in the Media Gateways.
All sensitive materials are encrypted using a Master Configuration Key (MCK), derived from a
passphrase entered by an administrator. The secrets are then stored in the configuration file in
an encrypted format. This enables copying configurations, including secrets, from one device to
another. The only requirement is that the administrator generate an identical MCK (by using the
same passphrase) in the target device before executing the copy operation.
Note:
All gateways have the same default MCK. For security reasons, it is
Note:
recommended to configure a new MCK immediately upon gateway installation.
Configuring the Master Configuration Key
1. Type the key config-key password-encryption command, followed by a phrase of
13-64 printable ASCII characters.
2. Copy the running configuration to the start-up configuration using the copy
running-config startup-config command.
The new MCK is now in effect.
Enabling SYN cookies
The G250/G350 provides various TCP/IP services and is therefore exposed to a myriad of TCP/
IP based DoS attacks.
58 Administration for the Avaya G250 and Avaya G350 Media Gateways