F3215-HP Load Balancing Module Security Configuration Guide-6PW101
Importing a public key from a public key file
Configuring SSL
Overview
SSL security mechanism
SSL protocol stack
Configuration task list
Configuring an SSL server policy
SSL server policy configuration example
Configuring an SSL client policy
Displaying and maintaining SSL
Troubleshooting SSL
Configuring SSH
Overview
How SSH works
SSH authentication
SSH support for VPNs
Configuring the device as an SSH server
SSH server configuration task list
Generating local RSA key pairs
Enabling the SSH server function
Enabling the SFTP server function
Configuring the user interfaces for SSH clients
Configuring a client's host public key
Configuring an SSH user
Setting the SSH management parameters
Configuring the device as an Stelnet client
Stelnet client configuration task list
Specifying a source IP address or source interface for the Stelnet client
Enabling and disabling first-time authentication
Establishing a connection to an Stelnet server
Configuring the device as an SFTP client
SFTP client configuration task list
Specifying a source IP address or source interface for the SFTP client
Establishing a connection to an SFTP server
Working with SFTP directories
Working with SFTP files
Displaying help information
Terminating the connection with the SFTP server
Configuring the device as an SCP client
SCP client configuration task list
Transferring files with an SCP server
Displaying and maintaining SSH
Stelnet configuration examples
When the LB module acts as an Stelnet server for password authentication
When the LB module acts as an Stelnet server for publickey authentication
When the LB module acts as an Stelnet client for password authentication
When the LB module acts as an Stelnet client for publickey authentication
SFTP configuration examples
When the LB module acts as an SFTP server for password authentication
When the LB module acts as an SFTP client for publickey authentication
SCP configuration example
Network requirements
Configuration procedure