Dell FCX624-I Laptop User Manual


  Open as PDF
of 1494
 
PowerConnect B-Series FCX Configuration Guide 1147
53-1002266-01
Restricting remote access to management functions
32
The zeroize parameter deletes the currently operative dsa key pair.
In addition, you must use AAA authentication to create a password to allow SSHv2 access. For
example the following command configures AAA authentication to use TACACS+ for authentication
as the default or local if TACACS+ is not available.
PowerConnect(config)#aaa authentication login default tacacs+ local
SNMP
To allow SNMP access to the Dell PowerConnect device, enter the following command.
PowerConnect(config)#snmp-server
Syntax: [no] snmp-server
Web management through HTTP
To allow web management through HTTP for the Dell PowerConnect device, you enable web
management as shown in the following command.
PowerConnect(config)#web-management http
Syntax: [no] web-management http | https
When using the web-management command, specify the http or https parameters.
The http parameter specifies that web management is enabled for HTTP access.
The https parameter specifies that web management is enabled for HTTPS access.
Web management through HTTPS
To allow web management through HTTPS, you must enable web management as shown in “Web
management through HTTP”. Additionally, you must generate a crypto SSL certificate or import
digital certificates issued by a third-party Certificate Authority (CA).
To generate a crypto SSL certificate use the following command.
PowerConnect(config)#crypto-ssl certificate generate
Syntax: crypto-ssl certificate [generate | zeroize]
Using the web-management command without the http or https option makes web management
available for both.
The generate parameter generates an ssl certificate.
The zeroize parameter deletes the currently operative ssl certificate.
To import a digital certificate issued by a third-party Certificate Authority (CA) and save it in the
flash memory, use the following command.
PowerConnect(config)#ip ssl certificate-data-file tftp 10.10.10.1 cacert.pem
Syntax: ip ssl certificate-data-file tftp <ip-addr> <file-name>
The <ip-addr> variable is the IP address of the TFTP server from which the digital certificate file is
being downloaded.
The <file-name> variable is the file name of the digital certificate that you are importing to the
router.