Manual

+7(495) 797-3311 www.qtech.ru

Москва, Новозаводская ул., 18, стр. 1

363

Firstly, SSL should be enabled on the switch. When the client tries to access the

switch through https method, a SSL session will be set up between the switch and the

client. When the SSL session has been set up, all the data transmission in the application

layer will be encrypted.

Configuration on the switch:

Switch(config)# ip http secure-server

Switch(config)# ip http secure-port 1025

Switch(config)# ip http secure-ciphersuite rc4-128-sha

46.4 SSL Troubleshooting

In configuring and using SSL, the SSL function may fail due to reasons such as physical

connection failure or wrong configurations. The user should ensure the following:

 First good condition of the physical connection;

 Second all interface and link protocols are in the UP state (use “show interface”

command);

 Then, make sure SSL function is enabled (use ip http secure-server command );

 Don’t use the default port number if configured port number, pay attention to the port

number when input the web wide;

 If SSL is enabled, SSL should be restarted after changes on the port configuration and

encryption configuration;

 IE 7.0 or above should be used for use of des-cbc-sha;

Web Server

Malicious Users

PC Users

Date Acquisition Fails

SSLSession

Connected

Web Browser https