
2 secure remote web interface access, Https service introduction, The remote management certificate – Technicolor - Thomson Wireless Business DSL Routers SpeedTouchTM620 User Manual

Page 94: Default https service configuration, Secure remote web interface access, Chapter 8


Chapter 8

SpeedTouch™ Remote Access

E-DOC-CTC-20051017-0155 v1.0


8.2 Secure Remote Web Interface Access

HTTPs service introduction

The SpeedTouch™ supports secure HTTP, or HTTPS. The Transport Layer Security
(TLS) protocol (previously SSL, implemented by Netscape) provides communications
privacy over the Internet. The protocol allows client/server applications to
communicate in a way that is designed to prevent eavesdropping, tampering, or
message forgery. The primary goal of the TLS protocol is to provide privacy and
data integrity between two communicating applications.

The remote management certificate

When booting, the SpeedTouch™ verifies if a certificate exists for remote
management. If no certificate is found, the SpeedTouch™ generates its own
certificate. When the SpeedTouch™ receives an HTTPs request on port 443, it
transmits this certificate to the client. The client can either accept or refuse the
server identity. Depending on client implementation, the end-user is prompted
whether or not to trust the server.

When a web user logs in or tries to log in to the SpeedTouch™, a syslog message is
generated. This message indicates the user name and the underlying protocol
(HTTP or HTTPS).

After negotiating the cipher between the two peers involved in the TLS protocol,
data is encrypted for further communications. The minimum level of security
required for the connection is indicated by each peer. If the minimum requirement
of each peer cannot be achieved, the connection is closed.

Default HTTPs service configuration

Use the following CLI command to see the default HTTPs service configuration.

=>:service system list name=HTTPs expand=enabled
Idx Name             Protocol         SrcPort  DstPort  Group
-----------------------------------------------------------------------
  1 HTTPs            tcp                       443
    Description............... HTTP web server over ssl
    Properties................ server
    Attributes................ state port aclip aclif aclifgroup map log
    User Managed Attributes... state port aclip aclif aclifgroup map log
    Attribute Values :
    State...................... enabled
    Port....................... 443
    Ip Access List............. any
    Interface Access List...... any
    Interface Group Access List lan
    Map List................... 443
    Logging.................... disabled
=>
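An added example, not part of the manual: a short Python parser for the expand=enabled listing above that flags settings worth reviewing before the HTTPs service is used for remote management. The review policy and the `wan` interface group name are assumptions of this example, and the sample text is constructed from the listing.

```python
import re

# Constructed sample: the service row and attribute block from the listing above.
SAMPLE = """\
  1 HTTPs            tcp                       443
    Description............... HTTP web server over ssl
    Properties................ server
    Attributes................ state port aclip aclif aclifgroup map log
    User Managed Attributes... state port aclip aclif aclifgroup map log
    Attribute Values :
    State...................... enabled
    Port....................... 443
    Ip Access List............. any
    Interface Access List...... any
    Interface Group Access List lan
    Map List................... 443
    Logging.................... disabled
"""

# "Label....... value": a leader of two or more dots separates label and value.
DOTTED = re.compile(r"^\s*(?P<key>[A-Za-z][A-Za-z ]*?)\.{2,}\s*(?P<val>.*\S)\s*$")
# Labels printed without a dot leader because they fill the label column.
LONG_KEYS = ("Interface Group Access List",)

def parse_service(text):
    """Return the attribute lines of one expanded service entry as a dict."""
    attrs = {}
    for line in text.splitlines():
        m = DOTTED.match(line)
        if m:
            attrs[m["key"].strip()] = m["val"]
        for key in LONG_KEYS:
            if line.strip().startswith(key + " "):
                attrs[key] = line.strip()[len(key):].strip()
    return attrs

def audit(attrs):
    """Flag settings to review. The policy is this example's assumption."""
    findings = []
    if attrs.get("State") != "enabled":
        return findings  # a disabled service exposes nothing
    if attrs.get("Logging") != "enabled":
        findings.append("logging disabled")
    groups = attrs.get("Interface Group Access List", "any").split()
    # "wan" is an assumed group name; "any" covers every interface group.
    if ("any" in groups or "wan" in groups) and attrs.get("Ip Access List", "any") == "any":
        findings.append("WAN reachable with no source IP restriction")
    return findings
```

With the default configuration shown in the listing, `audit(parse_service(SAMPLE))` reports only the disabled logging, because the interface group access list restricts the service to `lan`.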