Web Login Authentication Using Smart Cards; Configuring Web And Telnet Access List - AudioCodes Mediant 1000B User Manual
Analog & digital voip media gateway enterprise session border controller gateway & e-sbc
Hide thumbs
Also See for Mediant 1000B:
- User manual (1281 pages) ,
- Hardware installation manual (92 pages) ,
- Configuration note (52 pages)
Table of Contents
Advertisement
6.6
Web Login Authentication using Smart Cards
You can enable Web login authentication using certificates from a third-party, common
access card (CAC) with user identification. When a user attempts to access the device
through the Web browser (HTTPS), the device retrieves the Web user's login username
(and other information, if required) from the CAC. The user attempting to access the device
is only required to provide the login password. Typically, a TLS connection is established
between the CAC and the device's Web interface, and a RADIUS server is implemented to
authenticate the password with the username. Therefore, this feature implements a two-
factor authentication - what the user has (i.e., the physical card) and what the user knows
(i.e., the login password).
This feature is enabled using the EnableMgmtTwoFactorAuthentication parameter.
Note:
For specific integration requirements for implementing a third-party smart card
for Web login authentication, contact your AudioCodes representative.
To log in to the Web interface using CAC:
1.
Insert the Common Access Card into the card reader.
2.
Access the device using the following URL: https://<host name or IP address>; the
device prompts for a username and password.
3.
Enter the password only. As some browsers require that the username be provided,
it's recommended to enter the username with an arbitrary value.
6.7
Configuring Web and Telnet Access List
The Web & Telnet Access List page is used to define IP addresses (up to ten) that are
permitted to access the device's Web, Telnet, and SSH interfaces. Access from an
undefined IP address is denied. If no IP addresses are defined, this security feature is
inactive and the device can be accessed from any IP address. The Web and Telnet Access
List can also be defined using the ini file parameter WebAccessList_x (see ''Web and
Telnet Parameters'' on page 715).
To add authorized IP addresses for Web, Telnet, and SSH interfaces access:
1.
Open the Web & Telnet Access List page (Configuration tab > System menu >
Management > Web & Telnet Access List).
Figure 6-20: Web & Telnet Access List Page - Add New Entry
User's Manual
Mediant 1000B Gateway & SBC
64
Document #: LTRT-27034
Advertisement
Chapters
Table of Contents
