Lantronix EMG 8500 EMG User Guide - Page 171
Timeout, Yes, minutes 5-120, Enable TLS v1.0, Protocol, Cipher, Use only SHA2 and, Higher Ciphers
View all Lantronix EMG 8500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 171 highlights
8: Services 2. Enter the following fields: Timeout Enable TLS v1.0 Protocol Enable TLS v1.1 Protocol Cipher Use only SHA2 and Higher Ciphers Group Access Select No to disable Timeout. Select Yes, minutes (5-120) to enable timeout. Enter the number of minutes (must be between 30 and 120 minutes) after which the EMG web session times out. The default is 30. Note: If a session times out, refresh the browser page and login to a new web session. If you close the browser without logging off the EMG unit first, you will have to wait for the timeout time to expire. You can also end a web session by using the admin web terminate command at the CLI or by asking your system administrator to terminate your active web session. To view or terminate current web sessions, click the Web Sessions link. See Services - Web Sessions. To view, import, or reset the SSL Certificate, click the SSL Certificate link. See Services - SSL Certificate. By default, the web supports the TLS v1.0 protocol. Uncheck this to disable the TLS v1.0 protocol. Changing this option requires a reboot or restarting the web server with the CLI command admin web restart for the change to take effect. Note: In FIPS mode, TLS v1.0 and TLS v1.1 must be enabled and disabled together. By default, the web supports the TLS v1.1 protocol. Uncheck this to disable the TLS v1.1 protocol. Changing this option requires a reboot or restarting the web server with the CLI command admin web restart for the change to take effect. Note: In FIPS mode, TLS v1.0 and TLS v1.1 must be enabled and disabled together. By default, the web uses High/Medium security (128 bits or higher) for the cipher. This option can be used to configure the web to also support just High security ciphers (256 bit, 168 bit and some 128 bit), or FIPS approved ciphers (see Security on page 134). Changing this option requires a reboot or restarting the web server with the CLI command admin web restart for the change to take effect. By default, the web supports SHA1 as well as SHA2 and higher ciphers. Check this option to support only SHA2 and higher ciphers. Changing this option requires a reboot or restarting the web server with the CLI command admin web restart for the change to take effect. Note: FIPS approved ciphers do not include TLSv1.3 ciphers. If FIPS approved ciphers are selected, TLSv1.3 will not be used for connection to the web server. The TLSv1.3 ciphers supported by the web server are TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, and TLS_AES_128_GCM_SHA256. Specify one or more groups to allow access to the Web Manager user interface. If undefined, any group can access the web. If one or more groups are specified (groups are delimited by the characters ',' (comma) or ';' (semicolon)), then any user who logs into the web must be a member of one of the specified groups, otherwise access will be denied. Users authenticated via RADIUS may have a group (or groups) provided by the RADIUS server via the Filter-Id attribute that overrides the group defined for a user on the EMG. A group provided by a remote server must be either a single group or multiple groups delimited by the characters ',' (comma), ';' (semicolon), or '=' (equals) - for example "group=group1,group2;" or "group1,group2,group3". EMG™ Edge Management Gateway User Guide 171