EasyManua.ls Logo

Zte ZXR10 5250 Series - SSL Configuration

Zte ZXR10 5250 Series
287 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
ZXR105250SeriesCongurationGuide
lCongurationProcedure
àCongureaVLANfortheports:
zte(cfg)#setvlan400addport1/1,1/2,1/4untag
zte(cfg)#setport1/1,1/2,1/4pvid400
àConguretheMFFattributesfortheportsandVLAN:
zte(cfg)#setmffvlan400addport1/1userport
zte(cfg)#setmffvlan400addport1/2userport
zte(cfg)#setmffvlan400addport1/4network
àCongureanintra-VLANgateway:
zte(cfg)#setmffvlan400gatewayip197.1.23.15
lCongurationVerication
WhenanARPrequestisreceivedonauserport,theswitchsearchestheARPtable
rst.IfthegatewayARPentryisnotcontainedintheARPtable,theswitchreplaces
theusertosendanARPrequesttothegateway,andthenaddsanMFFuserentry.
TheMFFuserentryisasfollows:
zte(cfg)#showmffuser-table
MFFuserentrytotalcount:1
Type:bornwayofMFFuserentry.
'M',manualconfigure;'A',ARPpacket;'D',DHCPsnoopingpacket.
VlanIdIpAddressTypeMacAddressGateway(IpOrMac)
----------------------------------------------------
400197.1.23.3A00.10.94.00.00.03197.1.23.15
5.43SSLConguration
SSLOverview
TheSSLprotocolisanintermediateprotocol.Itislocatedbetweentheapplicationlayer
andtransportlayerinthenetworkmodel.Throughthedataencryption,identication
authentication,andmessageintegrityvalidationmechanisms,SSLensuressecurityfor
connectionsestablishedbasedonreliableapplicationlayerprotocols(forexample,TCP).
TheSSLfunctionalmoduleenablestheZXR105250tooperateasanSSLserverand
completeinteractionwithaclient.TheinteractionprocedureincludesSSLhandshaking,
andpacketmonitoring,receiving,parsingandsending.TheSSLhandshakingprocedure
includesnegotiatinganencryptionalgorithm,verifyingthelocalcerticateontheserver,
exchangingkeys,andverifyingaMACaddress.Theencryptionalgorithm,localcerticate
ontheserver,keys,andMACaddressareusedfordataencryptionanddecryption,
identicationauthentication,andmessageintegrityvalidationinasubsequentsession.
EncryptioncerticatemanagementistheprerequisiteforSSLhandshaking.Certicate
managementincludeskeygenerationmanagement,localcerticategenerationonthe
server,androotcerticategenerationontheclient.
5-148
SJ-20131111172707-002|2013-11-27(R1.0)ZTEProprietaryandCondential

Table of Contents

Other manuals for Zte ZXR10 5250 Series

Preview: Command Reference
Command Reference708 pages

Related product manuals