Configuration Guide User guide
122 FastIron Configuration Guide
53-1002494-02
Remote access to management function restrictions
Brocade(config)#web-management http
Syntax: [no] web-management http | https
When using the web-management command, specify the http or https parameters.
The http parameter specifies that web management is enabled for HTTP access.
The https parameter specifies that web management is enabled for HTTPS access.
Allowing Web management through HTTPS
To allow web management through HTTPS, you must enable web management as shown in
“Allowing Web management through HTTP for the Brocade device”. Additionally, you must generate
a crypto SSL certificate or import digital certificates issued by a third-party Certificate Authority
(CA).
To generate a crypto SSL certificate use the following command.
Brocade(config)#crypto-ssl certificate generate
Syntax: crypto-ssl certificate [generate | zeroize]
Using the web-management command without the http or https option makes web management
available for both.
The generate parameter generates an ssl certificate.
The zeroize parameter deletes the currently operative ssl certificate.
To import a digital certificate issued by a third-party Certificate Authority (CA) and save it in the
flash memory, use the following command.
Brocade(config)#ip ssl certificate-data-file tftp 10.10.10.1 cacert.pem
Syntax: ip ssl certificate-data-file tftp <ip-addr> <file-name>
The <ip-addr> variable is the IP address of the TFTP server from which the digital certificate file is
being downloaded.
The <file-name> variable is the file name of the digital certificate that you are importing to the
router.
Disabling specific access methods
You can specifically disable the following access methods:
• Telnet access
• Web management access
• SNMP access
• TFTP
NOTE
If you disable Telnet access, you will not be able to access the CLI except through a serial connection
to the management module. If you disable SNMP access, you will not be able to use an SNMP-based
management applications.