Network and System Management
330
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
6. Click Apply to save your settings.
7. Repeat
Step 1 through Step 6 for the user with the name guest.
Note: After a factory defaults reset, the password and time-out value are
changed back to password and 5 minutes, respectively.
You can also change the administrator login policies:
• Disa
ble login. Deny login access.
Note: You obviously do not want to deny login access to yourself if you are
logged in as an administrator.
• Deny login access from a WAN interface. By default, the administrator cannot log in from
a WAN interface. You can change this setting to allow login access from a WAN interface.
• Deny
or allow login access from specific IP addresses. By default, the administrator can
log in from any IP address.
Note: For enhanced security, restrict access to as few external IP
addresses as practical.
• Deny or allow login access from specific browsers. By default, the administrator can log in
from any browser.
In general, these policy settings work well for an administrator
. However, you can change the
administrator login policies as explained in Set User Login Policies on p
age 306.
Configure Remote Management Access
An administrator can configure, upgrade, and check the status of the VPN firewall over the
Internet through a Secure Sockets Layer (SSL) VPN connection.
Note: When remote management is enabled and administrative access
through a WAN interface is granted (see
Configure Login Policies on
page 306), the VPN firewall’s web management interface is
accessible to anyone who knows its IP address and default password.
Becau
se a malicious WAN user can reconfigure the VPN firewall and