Filter
Top Products
The console server will automatically reboot. During the reboot, the console server will erase
SSHkeys, update the configuration of HTTPD, SSHD, ADSAP2d and SNMPD files and test
the integrity of the FIPSObject Module. Once the reboot is complete, the console server will
accept SSH and HTTPSconnections using only FIPS-approved ciphers.
When FIPS is enabled the following restrictions apply:
For SSH sessions:
• Protocol version 1 will be disabled.
• Triple-DES CBS and AES 128/192/256 CBSare the only encryption ciphers that
will be accepted.
• HMAC-SHA1 and HMAC-SHA1-96 are the only message integrity algorithms
that will be accepted.
• Only RSAkeys 1024 to 16384 bits will be accepted.
HTTPSsessions will accept only the SSL v 3.1(TLSv1) protocol to establish the
SSLtunnel with one of the following encryption ciphers:
• AES-256-SHA
• AES-128-SHA
• Triple DESSHA (DES-CBC3-SHA)
SNMPversion 3 requests will be accepted when authentication is SHAand the
encryption cipher is AES.
Bootp Configuration Retrieval
You can set your consoleserver to be reconfigured during boot or at IPrenewal.
To generate configuration to be retrieved:
1. Click System Tools - Save Configuration and save the configuration to either an FTPsite
or locally.
-or-
Use the list_configuration command to get the CLItemplate scripts, edit the
configuration of the console server and save it as a text file.
-or-
Edit a file with CLI commands and save it.
2. Transfer the saved file to a DHCPserver.
3. Configure the DHCP server to transfer the configuration file to the console server.
26 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide