Home » ZyXEL Manuals » Networking » ZyXEL ES-315 » Manual Viewer

ZyXEL ES-315 User Guide - Page 107

Introduction to HTTPS, 16.8 HTTPS Example, Service Access Control

Get ZyXEL ES-315 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 107 highlights

Chapter 16 Access Control 16.7 Introduction to HTTPS HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an applicationlevel protocol that enables secure transactions of data by ensuring confidentiality (an unauthorized party cannot read the transferred data), authentication (one party can identify the other party) and data integrity (you know if data has been changed). It relies upon certificates, public keys, and private keys. HTTPS on the Switch is used so that you may securely access the Switch using the web configurator. The SSL protocol specifies that the SSL server (the Switch) must always authenticate itself to the SSL client (the computer which requests the HTTPS connection with the Switch), whereas the SSL client only should authenticate itself when the SSL server requires it to do so. Authenticating client certificates is optional and if selected means the SSLclient must send the Switch a certificate. You must apply for a certificate for the browser from a CA that is a trusted CA on the Switch. Please refer to the following figure. 1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the Switch's WS (web server). 2 HTTP connection requests from a web browser go to port 80 (by default) on the Switch's WS (web server). Figure 57 HTTPS Implementation " If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 16.8 HTTPS Example If you haven't changed the default HTTPS port on the Switch, then in your browser enter "https://Switch IP Address/" as the web site address where "Switch IP Address" is the IP address or domain name of the Switch you wish to access. ES-315/ES-315-F User's Guide 107

Section	Page
User’s Guide	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Contents Overview	9
Table of Contents	11
List of Figures	17
List of Tables	19
Introduction and Hardware	21
Getting to Know Your Switch	23
1.1 Introduction	23
1.1.1 Overview	23
1.1.2 IEEE 802.1Q VLAN Application Example	23
1.2 Ways to Manage the Switch	24
1.3 Good Habits for Managing the Switch	24
Hardware Overview	27
2.1 LEDs	27
2.2 Rear and Base Panels	28
Basic Configuration	31
The Web Configurator	33
3.1 Introduction	33
3.2 System Login	33
3.3 The Status Screen	34
3.3.1 Change Your Password	36
3.4 Saving Your Configuration	37
3.5 Switch Lockout	37
3.6 Resetting the Switch	38
3.7 Logging Out of the Web Configurator	38
3.8 Help	38
Initial Setup Example	39
4.1 Overview	39
4.1.1 Creating a VLAN	39
4.1.2 Setting Port VID	40
4.2 Configuring Switch Management IP Address	41
System Status and Port Statistics	43
5.1 Overview	43
5.2 Port Status Summary	43
5.2.1 Status: Port Details	44
Basic Setting	47
6.1 Overview	47
6.2 System Information	47
6.3 General Setup	48
6.4 Introduction to VLANs	49
6.5 Switch Setup Screen	49
6.6 IP Setup	51
6.6.1 Management IP Addresses	51
6.7 Port Setup	53
Advanced	55
VLAN	57
7.1 Introduction to IEEE 802.1Q Tagged VLANs	57
7.1.1 Forwarding Tagged and Untagged Frames	57
7.2 Static VLAN	58
7.2.1 Static VLAN Status	58
7.2.2 Static VLAN Details	58
7.2.3 Configure a Static VLAN	59
7.2.4 Configure VLAN Port Settings	61
Static MAC Forward Setup	63
8.1 Overview	63
8.2 Configuring Static MAC Forwarding	63
Filtering	65
9.1 Configure a Filtering Rule	65
Broadcast Storm Control	67
10.1 Broadcast Storm Control Setup	67
Bandwidth Control	69
11.1 Bandwidth Control Overview	69
11.2 Bandwidth Control Setup	69
Queuing Method	71
12.1 Queuing Method Overview	71
12.1.1 Strictly Priority Queuing	71
12.1.2 Weighted Fair Queuing	71
12.2 Configuring Queuing	72
Multicast	73
13.1 Multicast Overview	73
13.1.1 IP Multicast Addresses	73
13.1.2 IGMP Filtering	73
13.1.3 IGMP Snooping	73
13.2 Multicast Status	74
13.3 Multicast Setting	74
13.4 IGMP Filtering Profile	76
13.5 MVR Overview	77
13.5.1 Types of MVR Ports	78
13.5.2 MVR Modes	78
13.5.3 How MVR Works	78
13.6 General MVR Configuration	79
13.7 MVR Group Configuration	81
13.7.1 MVR Configuration Example	82
IP Application	85
Static Route	87
14.1 Static Routing Overview	87
14.2 Configuring Static Routing	87
Management	91
Maintenance	93
15.1 The Maintenance Screen	93
15.2 Load Factory Default	94
15.3 Save Configuration	94
15.4 Reboot System	94
15.5 Firmware Upgrade	95
15.6 Restore a Configuration File	95
15.7 Backup a Configuration File	96
15.8 FTP Command Line	96
15.8.1 Filename Conventions	97
15.8.2 FTP Command Line Procedure	97
15.8.3 GUI-based FTP Clients	98
15.8.4 FTP Restrictions	98
Access Control	99
16.1 Access Control Overview	99
16.2 The Access Control Main Screen	99
16.3 About SNMP	100
16.3.1 Supported MIBs	101
16.3.2 SNMP Traps	101
16.3.3 Configuring SNMP	103
16.3.4 Setting Up Login Accounts	104
16.4 SSH Overview	105
16.5 How SSH works	105
16.6 SSH Implementation on the Switch	106
16.6.1 Requirements for Using SSH	106
16.7 Introduction to HTTPS	107
16.8 HTTPS Example	107
16.8.1 Internet Explorer Warning Messages	108
16.8.2 Netscape Navigator Warning Messages	108
16.8.3 The Main Screen	109
16.9 Service Port Access Control	109
16.10 Remote Management	110
Diagnostic	113
17.1 Diagnostic	113
Syslog	115
18.1 Syslog Overview	115
18.2 Syslog Setup	115
18.3 Syslog Server Setup	116
MAC Table	119
19.1 MAC Table Overview	119
19.2 Viewing the MAC Table	120
ARP Table	121
20.1 ARP Table Overview	121
20.1.1 How ARP Works	121
20.2 Viewing the ARP Table	121
Troubleshooting and Product Specifications	125
Troubleshooting	127
21.1 Power, Hardware Connections, and LEDs	127
21.2 Switch Access and Login	128
Product Specifications	131
22.1 General Switch Specifications	131
22.2 Wall-mounting Instructions	134
Appendices and Index	137
IP Addresses and Subnetting	139
Common Services	149
Legal Information	153
Customer Support	157

Match case Limit results 1 per page

Chapter 16 Access Control

ES-315/ES-315-F User’s Guide

107

16.7

Introduction to HTTPS

HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web

protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-

level protocol that enables secure transactions of data by ensuring confidentiality (an

unauthorized party cannot read the transferred data), authentication (one party can identify the

other party) and data integrity (you know if data has been changed).

It relies upon certificates, public keys, and private keys.

HTTPS on the Switch is used so that you may securely access the Switch using the web

configurator. The SSL protocol specifies that the SSL server (the Switch) must always

authenticate itself to the SSL client (the computer which requests the HTTPS connection with

the Switch), whereas the SSL client only should authenticate itself when the SSL server

requires it to do so. Authenticating client certificates is optional and if selected means the SSL-

client must send the Switch a certificate. You must apply for a certificate for the browser from

a CA that is a trusted CA on the Switch.

Please refer to the following figure.

HTTPS connection requests from an SSL-aware web browser go to port 443 (by default)

on the Switch’s WS (web server).

HTTP connection requests from a web browser go to port 80 (by default) on the Switch’s

WS (web server).

Figure 57

HTTPS Implementation

If you disable

HTTP

in the

Service Access Control

screen, then the Switch

blocks all HTTP connection attempts.

16.8

HTTPS Example

If you haven’t changed the default HTTPS port on the Switch, then in your browser enter

“https://Switch IP Address/” as the web site address where “Switch IP Address” is the IP

address or domain name of the Switch you wish to access.