EasyManua.ls Logo

TP-Link T1500 Series - Page 527

TP-Link T1500 Series
844 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring Access Security Access Security Configurations
Configuration Guide
505
Step 6 ip http secure-max-users
admin-num
operator-num poweruser-num user-num
Specify the maximum number of users that are allowed to connect to the HTTPS server. The
total number of users should be no more than 16.
admin-num
: Enter the maximum number of users whose access level is Admin. The valid values
are from 1 to 16.
operator-num
: Enter the maximum number of users whose access level is Operator. The valid
values are from 0 to 15.
poweruser-num
: Enter the maximum number of users whose access level is Power User. The
valid values are from 0 to 15.
user-num
: Enter the maximum number of users whose access level is User. The valid values are
from 0 to 15.
Step 7 ip http secure-server download certificate
ssl-cert
ip-address
ip-addr
Download the desired certificate to the switch from TFTP server.
ssl-cert
: Specify the name of the SSL certificate, which ranges from 1 to 25 characters. The
certificate must be BASE64 encoded. The SSL certificate and key downloaded must match
each other.
ip-addr
: Specify the IP address of the TFTP server. Both IPv4 and IPv6 addresses are
supported.
Step 8 ip http secure-server download key
ssl-key
ip-address
ip-addr
Download the desired key to the switch from TFTP server.
ssl-key
: Specify the name of the key file saved in TFTP server. The key must be BASE64
encoded.
ip-addr
: Specify the IP address of the TFTP server. Both IPv4 and IPv6 addresses are
supported.
Step 9 show ip http secure-server
Verify the global configuration of HTTPS.
Step 10 end
Return to privileged EXEC mode.
Step 11 copy running-config startup-config
Save the settings in the configuration file.
The following example shows how to configure the HTTPS function. Enable SSL3 and TLS1
protocol. Enable the ciphersuite of 3des-ede-cbc-sha. Set the session timeout time as 15,
the maximum admin number as 2, the maximum operator number as 2, the maximum power
user number as 2, the maximum user number as 2. Download the certificate named ca.crt
and the key named ca.key from the TFTP server with the IP address 192.168.0.100.
Switch#configure
Switch(config)#ip http secure-server
Switch(config)#ip http secure-protocol ssl3 tls1

Table of Contents

Related product manuals