1. Home
    2. /
  2. Manuals
    3. /
  3. Nokia
    4. /
  4. IP45
    5. /
  5. 41
Page 201 / 342 Scroll up to view Page 196 - 200
Nokia IP45 Security Platform User’s Guide v4.0
201
2.
Click Management.
The Management page opens.
3.
Select (Access from) from the drop-drown list for HTTPS, SSH, and SNMP Access control.
You can select one of the following:
±
Internal Networks
—you can access the device only when you are within a LAN.
±
Internal Networks +VPN
—you can access the device when you are in a LAN or
connected through VPN.
±
Internal Networks +IP Range
—only specified computers with a given IP address range
can access the device.
±
ANY
—you can access the appliance from any location.
Telnet Access
Note
Telnet access is disabled by default. To allow Telnet access from the LAN, WAN, and DMZ,
configure separate user rules.
For more information about Telnet access, see
“Using Telnet to Connect to the Nokia IP45
Security Platform”
on page 68.
Secure Shell
The Nokia IP45 supports SSH 2.0. The SSH feature in the IP45 provides secure remote access to
the device. In addition, SCP is supported to enable secure upgrade of the device, downloading of
public keys, HTTPS certificates, import and export features.
Page 202 / 342
9
Configuring Network Access
202
Nokia IP45 Security Platform User’s Guide v4.0
Configuring SSH
To start using SSH remotely, first set IP45 to accept requests from SSH clients.
To enable IP45 to accept SSH requests
1.
Choose Setup from the main menu.
The Setup page opens.
2.
Click the Management tab
.
The Management page opens.
Note
Secure Shell access is enabled by default from the LAN and DMZ interfaces. Setting of
management rules, which is described in this section, is applicable only for allowing
SSH access from the WAN side.
3.
From the SSH drop-down list, choose one of the following:
±
Internal Network
±
Internal Network + VPN
±
IP Address Range
±
ANY
Click Internal Network to enable only computers from your internal network to access your
IP45 through SSH. Similarly, click ANY to enable any host (with any IP address) to connect
to IP45 through SSH, and so on.
Page 203 / 342
Nokia IP45 Security Platform User’s Guide v4.0
203
Enabling or Disabling SSH Service
Note
Secure Shell (SSH) options cannot be configured from the Nokia IP45 GUI. Use the
command-line options from a command shell (such as HyperTerminal) to configure these
options. A brief list of important command-line options for configuring Secure Shell (SSH) is
included in the user guide for the purpose of introduction. For additional and detailed
information, see the Nokia
IP45 Security Platform CLI Reference Guide
Version 4.0
.
Use the following commands to enable, disable, and view the status of SSH service:
To enable the SSH service, use the following command:
set ssh server
enable <0 | 1>
To view the SSH service, use the following command:
show ssh server
enable
Arguments
enable <0 / 1>
The value of 0 disables SSH and the value of 1 enables SSH. The default value is 1 since SSH is
enabled by default.
SSH Authentication Methods
You can perform the SSH authentication in the following ways:
±
Password authentication
—set up by default. In this method, you can connect to the SSH
server running on the IP45 from the SSH client installed on your computer, after entering
your password.
±
Public-key authentication—
one of the most secure ways to authenticate by using SSH.
The basic principle in public-key authentication is the use of a pair of computer-generated
keys: private key and public key. A public key is not useful unless you have the
corresponding private key.
Using SSH Client
You need an SSH client to connect to the SSH server running on the IP45. Install an SSH client
if you do not have one already.
You can use the SSH client to connect to the IP45 by using password authentication or public
key authentication. For additional information, see
User Manual
of the SSH client you are using.
Page 204 / 342
9
Configuring Network Access
204
Nokia IP45 Security Platform User’s Guide v4.0
Configuring Advanced Secure Shell Server Options
For additional information on using the command line options, see the
Nokia IP45 Security
Platform CLI Reference Guide Version 4.0.
Configuring Server Authentication of Users
Use the following commands to configure the type of authentication the server uses to
authenticate users:
set ssh server
password-authentication <0 | 1>
publickey-authentication <0 | 1>
Use the following commands to show user authentication configurations:
show ssh server
password-authentication
publickey-authentication
Configuring Server Protocol Details
Use the following commands to configure SSH protocols:
set ssh server
ciphers
name
keepalives <on / off>
listen-addr
address
listen-addr2
address
maxconnections
Number
port <1-65535>
Use the following commands to show SSH protocol configurations:
show ssh server
ciphers
keepalives
listen-addr
listen-addr2
maxconnections
port
Configuring Service Details
Use the following commands to configure the service details:
set ssh server
login-grace-time
integer
Use the following commands to show the service details:
Page 205 / 342
Nokia IP45 Security Platform User’s Guide v4.0
205
show ssh server
login-grace-time
Configuring Server Implementation
Use the following commands to configure the type of authentication the server will use to
authenticate users.
set ssh server
log-level
name
Use the following commands to show service detail configurations:
show ssh server
log-level
Configuring and Managing SSH Key Pairs
This section provides details about how to configure and manage your SSH key pairs.
Managing New Host Keys
Use the following commands to generate new host keys:
set ssh hostkey
dsa
size
<768 | 1024 | 2048 |4096>
rsa
size
<768 | 1024 | 2048 |4096>
Use the following commands to view host keys:
show ssh hostkey
dsa
rsa
Managing Authorized Keys
Use the following commands to add authorized keys:
add ssh authkeys
<dsa | rsa> user admin <openssh-format | ssh2-format> file
Use the following commands to delete authorized keys:
delete ssh authkeys
<dsa | rsa> user admin id
Use the following commands to view keys configured for various user accounts:

Rate

3.5 / 5 based on 2 votes.

Popular Nokia Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top