beautypg.com

1 remote management limitations, 2 system timeout, 2 www (http and https) – ZyXEL Communications NBG410W3G User Manual

Page 260

background image

Chapter 15 Remote Management

NBG410W3G Series User’s Guide

260

3 Telnet
4 HTTPS and HTTP

15.1.1 Remote Management Limitations

Remote management does not work when:

1 You have not enabled that service on the interface in the corresponding remote

management screen.

2 You have disabled that service in one of the remote management screens.
3 The IP address in the Secure Client IP Address field does not match the client IP

address. If it does not match, the ZyXEL Device will disconnect the session
immediately.

4 There is already another remote management session with an equal or higher priority

running. You may only have one remote management session running at one time.

5 There is a firewall rule that blocks it.
6 A filter is applied (through the commands) to block a Telnet, FTP or Web service.

15.1.2 System Timeout

There is a default system management idle timeout of five minutes (three hundred seconds).
The ZyXEL Device automatically logs you out if the management session remains idle for
longer than this timeout period. The management session does not time out when a statistics
screen is polling. You can change the timeout period in the MAINTENANCE > General
screen.

15.2 WWW (HTTP and HTTPS)

HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web
protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-
level protocol that enables secure transactions of data by ensuring confidentiality (an
unauthorized party cannot read the transferred data), authentication (one party can identify the
other party) and data integrity (you know if data has been changed).
It relies upon certificates, public keys, and private keys (see

Chapter 11 on page 195

for more

information).
HTTPS on the ZyXEL Device is used so that you may securely access the ZyXEL Device
using the web configurator. The SSL protocol specifies that the SSL server (the ZyXEL
Device) must always authenticate itself to the SSL client (the computer which requests the
HTTPS connection with the ZyXEL Device), whereas the SSL client only should authenticate
itself when the SSL server requires it to do so (select Authenticate Client Certificates in the
REMOTE MGMT > WWW screen). Authenticate Client Certificates is optional and if
selected means the SSL-client must send the ZyXEL Device a certificate. You must apply for a
certificate for the browser from a CA that is a trusted CA on the ZyXEL Device.
Please refer to the following figure.

1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default)

on the ZyXEL Device’s WS (web server).

See also other documents in the category ZyXEL Communications Hardware: