Nortel Networks 450 series Switch User Manual


 
284 Configuring system settings
Enabling TunnelGuard SRS administration
To create and modify the TunnelGuard Software Requirement Set (SRS)
rules, you must use the SREM (see Nortel Secure Network Access Switch
4050 User Guide for the SREM (NN47230-101)). Before you can access
the Rule Builder utility in the SREM, you must enable support for SRS
administration.
SRS administration support is available until Nortel Secure Network
Access Switch Software Release 1.6.1.
To configure support for managing the SRS rules, use the following
command:
/cfg/sys/adm/srsadmin
The SRS Admin menu appears.
The SRS Admin menu includes the following options:

/cfg/sys/adm/srsadmin followed by:

  port <port>   Specifies the TCP port used for communication with the
                SRS administration server. The default is port 4443.
  ena           Enables SRS administration, for creating and managing
                SRS rules.
  dis           Disables SRS administration. The default is disabled.
Configuring Nortel SNAS host SSH keys
The Nortel SNAS functions as both SSH client (for importing and
exporting logs using SFTP) and SSH server for secure management
communications between the Nortel SNAS devices in a cluster.
ATTENTION
SCP is not supported.
The SSH host keys are a set of keys to be used by all hosts in the cluster
in accordance with the Single System Image (SSI) concept. As a result,
connections to the MIP always appear to an SSH client to be to the same
host.
During initial setup, there is an option to generate the SSH host keys
automatically.
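The shared host key set described above can be checked from a management station: each cluster member's own address should present the same SSH host key as the MIP. The following is an added example, not part of the Nortel manual; it parses saved ssh-keyscan output, and the addresses and key blobs in it are constructed placeholders.

```python
import base64
import hashlib
from collections import defaultdict

def fingerprint(b64_blob):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    raw = base64.b64decode(b64_blob, validate=True)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_keyscan(text):
    """Map host -> {key type: fingerprint} from 'host type blob' lines."""
    keys = defaultdict(dict)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue  # skip comments, blanks and truncated lines
        host, ktype, blob = parts[:3]
        try:
            fp = fingerprint(blob)
        except ValueError:  # malformed base64, ignore the line
            continue
        keys[host][ktype] = fp
    return dict(keys)

def hosts_diverging_from_mip(keys, mip):
    """Hosts whose host key does not match the key seen on the MIP."""
    if mip not in keys:
        raise ValueError("no host key collected for the MIP")
    reference = keys[mip]
    bad = []
    for host, host_keys in keys.items():
        if host == mip:
            continue
        shared = set(reference) & set(host_keys)
        # No key type in common means the match cannot be confirmed.
        if not shared or any(host_keys[t] != reference[t] for t in shared):
            bad.append(host)
    return sorted(bad)

def constructed_blob(label):
    """Constructed stand-in for a real public key blob."""
    return base64.b64encode(label).decode()

# Constructed sample: 192.0.2.10 plays the MIP, the others are cluster hosts.
SAMPLE = "\n".join([
    "# constructed ssh-keyscan output",
    "192.0.2.10 ssh-rsa " + constructed_blob(b"cluster-key"),
    "192.0.2.11 ssh-rsa " + constructed_blob(b"cluster-key"),
    "192.0.2.12 ssh-rsa " + constructed_blob(b"other-key"),
])
```

A host reported by hosts_diverging_from_mip is either not using the cluster key set or is not the device it claims to be, and should be investigated before its key is trusted.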
To generate and view the SSH keys used by all hosts in the cluster for
secure management communications, use the following command:
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks