EasyManuals Logo

SNR S2940-8G-v2 User Manual

SNR S2940-8G-v2
420 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #345 background imageLoading...
Page #345 background image
SNR S2940-8G-v2 Switch Configuration Guide
SSL Configuration
the other program in sequence, lose packet and re-forwarding will not appear. A lot of transmis-
sion protocols can provide such kind of service in theory, but in actual application, SSL is almost
running on TCP, and not running on UDP and IP directly.
When web function is running on the switch and client visit our web site through the internet
browser, we can use SSL function. The communication between client and switch through SSL
connect can improve the security.
Firstly, SSL should be enabled on the switch. When the client tries to access the switch through
https method, a SSL session will be set up between the switch and the client. When the SSL
session has been set up, all the data transmission in the application layer will be encrypted.
SSL handshake is done when the SSL session is being set up. The switch should be able to
provide certification keys. Currently the keys provided by the switch are not the formal certification
keys issued by official authentic, but the private certification keys generated by SSL software under
Linux which may not be recognized by the web browser. With regard to the switch application, it
is not necessary to apply for a formal SSL certification key. A private certification key is enough
to make the communication safe between the users and the switch. Currently it is not required
that the client is able to check the validation of the certification key. The encryption key and the
encryption method should be negotiated during the handshake period of the session which will be
then used for data encryption.
SSL session handshake process:
1 Client -> encryption algorithm random key for encryption -> Server
2 Client <- The selected encryption algorithm, the certification
which is randomly generated
<- Server
3 Client -> The encrypted master_key -> Server
4 Client <- To compute the encryption key <- Server
5 Client -> The MAC value of the handshaking messages -> Server
6 Client <- The MAC value of the handshaking messages <- Server
51.2 SSL Configuration Task List
1. Enable/disable SSL function
2. Configure/delete port number by SSL used
3. Configure/delete secure cipher suite by SSL used
4. Maintenance and diagnose for the SSL function
1. Enable/disable SSL function
Command Explanation
Global Mode
ip http secure-server
no ip http secure-server
Enable/disable SSL function.
345

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the SNR S2940-8G-v2 and is the answer not in the manual?

SNR S2940-8G-v2 Specifications

General IconGeneral
BrandSNR
ModelS2940-8G-v2
CategorySwitch
LanguageEnglish