1. Home
    2. /
  2. Manuals
    3. /
  3. Nokia
    4. /
  4. IP45
    5. /
  5. 42
Page 206 / 342 Scroll up to view Page 201 - 205
9
Configuring Network Access
206
Nokia IP45 Security Platform User’s Guide v4.0
show ssh authkeys
<dsa | rsa> user admin id
identifier
<dsa | rsa> user admin list
Secure Socket Layer
Secure Socket Layer (SSL) enables secured communication over insecure networks. This
protocol uses a private key to encrypt data that is passed through an SSL connection and ensures
a secure connection between the client and the server.
Enabling HTTPS Web Access
You can enable HTTPS remote access, so that the IP45 users can securely access the IP45 portal
from the Internet, by accessing the URL https://X.X.X.X:981, where X.X.X.X is the IP45
Internet IP address.
Note
The URL https://my.firewall is accessible from the Internal network by default.
To enable HTTPS Web access
1.
Choose Setup from the main menu.
The Setup page opens.
2.
Click the Management tab.
The Management page opens.
3.
From the HTTPS drop down list, click:
±
Internal Network
—to enable only users of your internal network to access your IP45
through HTTPS.
Page 207 / 342
Nokia IP45 Security Platform User’s Guide v4.0
207
±
Internal Network + VPN
—to enable users of your internal network and users connected
to your IP45 through a VPN tunnel to access your IP45 through HTTPS.
±
IP Address Range
—to give a range of IP addresses. Traffic from these IP addresses only
can access your IP45 through HTTPS.
±
ANY—
to enable traffic generated from any IP address to access your IP45 through
HTTPS.
4.
Click Apply when you finish making the settings.
The Saved Successfully message appears.
Generating a Self-Signed Certificate and Private Key by Using the
CLI
Use the following command to generate a certificate and its associated private key. To better
ensure your security, generate the certificate and private key over a trusted connection.
generate https ssl-certificate key-bits <512 | 768 | 1024> <passphrase
name
| prompt-passphrase> country
name
state-or-province
name
locality
name
organization
name
organizational-unit
name
common-name
name
e-mail
address
name
<cert-file path | cert-request-file path> key-file path
For more information, see the
Nokia
IP45 Security Platform CLI Reference Guide Version 4.0
.
Installing a Certificate and Private Key
Use the following commands to copy a certificate and its associated private key in the /var/etc/
https_ssl_cert_server.crt and /var/etc/https_ssl_server.key files. Copying the certificate and
private key to these files makes them available to establish SSL-secure Web connections.
set https ssl-certificate
cert-file path key-file path <passphrase name | prompt-
passphrase>
For more information, see the
Nokia IP45 Security Platform CLI Reference Guide Version 4.0.
Viewing Certificate Fingerprint Display
The Nokia IP45 v4.0 supports certificate fingerprint display, a unique text used to identify the
certificate. This fingerprint will match the fingerprint displayed in the SecuRemote VPN clients,
upon connection to the appliance.
If the administrator provides a fingerprint to a SecuRemote user, the user should verify that the
root CA fingerprint that is displayed matches with the one provided by the administrator.You can
view the certificate fingerprint information by using the IP45 GUI.
To view a certificate fingerprint, choose VPN from the main menu and select Certificate.
The VPN certificate information is displayed with the fingerprint text, as shown below:
Page 208 / 342
9
Configuring Network Access
208
Nokia IP45 Security Platform User’s Guide v4.0
Page 209 / 342
Nokia IP45 Security Platform User’s Guide v4.0
209
10
Configuring and Monitoring SNMP
This chapter provides information about how to configure the Simple Network Management
Protocol (SNMP) and how to use SNMP to manage the Nokia IP45 security platform.
This chapter covers the following topics:
±
SNMP Description
±
SNMP Configuration from the Nokia IP45 Security Platform
±
Setting Up SNMP Access to the Nokia IP45 Security Platform
±
Configuring the SNMP Parameters
±
Configuring SNMP Parameters from the Command-Line Interface
SNMP Description
SNMP is the industry standard for monitoring and managing devices on data communication
and telecommunication devices or systems. SNMP helps in centrally monitoring and diagnosing
such devices.
The Nokia IP45 security platform supports the following MIBs:
±
MIB-II (for more information, see RFC 1213)
±
Host Resource MIB (for more information, see RFC 1514)
SNMP Configuration from the Nokia IP45 Security Platform
You can use the Nokia IP45 GUI portal and the command-line interface (CLI) to set, change, and
view parameters for SNMP.
Setting Up SNMP Access to the Nokia IP45
Security Platform
Allow or disallow SNMP manager software running outside your network to monitor the Nokia
IP45 security platform.
Page 210 / 342
10
Configuring and Monitoring SNMP
210
Nokia IP45 Security Platform User’s Guide v4.0
To enable SNMP access
1.
Click Setup in the main menu, and click the Management tab.
The Management page opens.
2.
Select one of the following from the SNMP drop-down list list.
±
Internal Network
±
Internal Network + VPN
±
IP Address Range
±
ANY
±
Disabled
If you select Internal Network, SNMP access to the IP45 is allowed from computers in your
internal network or LAN only; if you select IP Address Range, you can specify a range of IP
addresses from which SNMP access is allowed to your IP45.
Configuring the SNMP Parameters
When you set the SNMP access rules, you can configure the SNMP parameters from the Nokia
IP45 security platform GUI.
To configure the SNMP parameters
1.
Define the SNMP community name in the Management page. See
“To enable SNMP
access”
on page 210.
A community name must be specified to monitor your device by using SNMP.
2.
Click the Advanced tab.

Rate

3.5 / 5 based on 2 votes.

Popular Nokia Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top