Support User Manuals

Nortel Networks 2000 Switch User Manual

Open as PDF

of 280

Mediant 2000 SIP

Mediant 2000 SIP User’s Manual 40 Document #: LTRT-72504

5.4 Password Control

The Embedded Web Server is protected by a unique username and password combination. The

first time a browser request is made, the User is requested to provide his username and

password to obtain access. Subsequent requests are negotiated by the browser on behalf of the

User, so that the User doesn’t have to re-enter the username and password for each request, but

the request is still authenticated (the Embedded Web Server uses the MD5 authentication

method supported by the HTTP 1.1 protocol).

An additional level of protection is obtained by a restriction that no more than three IP addresses

can access the Embedded Web Server concurrently. With this approach, a fourth User is told that

the server is busy, even if the correct username and password were provided.

5.4.1 Embedded Web Server Username & Password

The default username and password for all gateways are:

• Username = “Admin” (case-sensitive)

• Password = “Admin” (case-sensitive)

For details on changing the username and password, refer to Section

5.9.7 on page 71. Note that

the password and username can be a maximum of 7 case-sensitive characters.

The User can reset the Web username and password (to the default values) by enabling an ini

file parameter called ‘ResetWebPassword’. The Web password is automatically the default

password.

5.5 Configuring the Web Interface via the ini File

Two additional security preferences can be configured using ini file parameters. These security

levels provide protection against unauthorized access (such as Internet hacker attacks),

particularly to Users without a firewall. For information on the ini file, refer to Section

6 on page

87.

5.5.1 Limiting the Embedded Web Server to Read-Only Mode

Users can limit the Web Interface to read-only mode by changing the ini file parameter

‘DisableWebConfig’ to 1. In this mode all Web screens are read-only and cannot be modified. In

addition, the following screens cannot be accessed: ‘Quick Setup’, ‘Change Password’, ’Reset‘,

‘Save Configuration‘, ‘Software Upgrade Wizard’, ‘Load Auxiliary Files’, ‘Configuration File’ and

‘Regional Settings’.

5.5.2 Disabling the Embedded Web Server

To deny access to the gateway through HTTP protocol, the User can disable the Embedded Web

Server task. To disable the Web task, use the ini file parameter ‘DisableWebTask = 1’. The

default is to Web task enabled.

previous next