Hp e-CommerceXML Accelerator sa7150 Manuel d'utilisateur Page 79
- Page / 212
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
C H A P T E R 4 Scenario 6—Configuring a Firewall
69
NOTE: The device
automatically adjusts the
list of MapIDs as they are
created and deleted, thus
MapID 2 becomes MapID
1 when the default (the
original MapID 1) is
deleted.
4. Once a user-created server assignment exists, the default
mapping can be deleted. In this example, delete MapID
number 1.
HP SA7150> list map
Map Net Ser Cipher Re- Client well
ID KeyID Server IP Port Port Suites direct Auth XML form
== ===== ========= ===== ==== ======== ===== ===== === ====
1 default 1.1.1.3 443 81 all(v2+v3) n n n N/A
5. Save the configuration.
HP SA7150> config save
Saving configuration to flash...
Configuration saved to flash
HP SA7150>
Firewall Configuration
Absent a firewall, outside clients would be able to connect to services
on the web server and possibly gain access to sensitive data—on port
80 using HTTP to access non-sensitive data, on port 443 using
HTTPS to access sensitive data, and on port 81 using HTTP to access
that same sensitive data. Obviously, allowing access to sensitive data
over an unencrypted connection on port 81 is not desirable.
Consequently a firewall should be configured to prevent such access.
NOTE: In this
configuration, the
firewall may occasionally
report the blocking of
outbound packets from
the Server on port 81.
This is normal—a side-
effect of the varying
latencies characteristic of
Internet traffic—and does
not indicate a problem
with the configuration.
Port Access
80 Allowed
443 Allowed
All Others Denied
- Publication Number 2
- Disclaimer 2
- Warranty 2
- Table of Contents 3
- Chapter 4: Scenarios 5
- Chapter 5: Command Reference 6
- Chapter 6: Remote Management 6
- Chapter 8: Software Updates 8
- Chapter 9: Troubleshooting 8
- Appendix A: Front Panel 8
- Appendix F: Support Services 9
- Introduction 11
- Assumptions 12
- Specifications 13
- Typographic Conventions 15
- Installation and Initial 17
- Configuration 17
- Additional Requirements 18
- Physical Installation 19
- Free-Standing 20
- Installation 20
- Network 20
- Connection 21
- Fail-through 22
- Accessing the 23
- Command 23
- Theory of Operation 25
- General Considerations 27
- Server Mappings 27
- XML Data Model 28
- Invalid URI Expressions 29
- Negation Operator 30
- Operators 30
- URI Expression: */hr.asp 32
- Boolean Operators 34
- Function Calls 34
- XML Pattern Creation 37
- Mapped Server 38
- Default Keyword 39
- XML Pattern Matching 39
- XML “Well-formed” Check 40
- Network Configurations 41
- Multiple 42
- SA7150s and 42
- Cascading 42
- SSL Operations 43
- Obtaining a 44
- Certificate 44
- Authority 44
- Using an 47
- Existing Key/ 47
- Apache SSL* 48
- Stronghold* 48
- Importing into the SA7150 48
- Creating a new 50
- Key/Certificate 50
- Global Site 51
- Certificates 51
- • Cipher Suite 53
- • Redirect URL 53
- • Client Authentication 53
- Client Authentication 54
- Creating a 55
- Client CA 55
- OpenSSL* 55
- SSL Processing 56
- Automapping 57
- Deleting automapping entries 57
- Blocking 58
- Subnet, Specific Port 59
- All IPs, Specific Port 60
- Delete a Block 61
- Scenarios 63
- XML Server 1 64
- XML Server 2 64
- XML Server 3 64
- Procedure for 65
- Scenario 1 65
- Verify creation of maps: 66
- Single Server 69
- Scenario 3 71
- Scenario 4—Cascaded SA7150s 73
- Scenario 4 74
- Scenario 5 76
- Firewall 77
- HP SA7150> create map 78
- Server IP (0.0.0.0): 1.1.1.3 78
- SSL (network) port [443]: 78
- Firewall Configuration 79
- Command Reference 81
- Command Line Interface 82
- HP SA7150> sh 83
- HP SA7150> set ssh e 83
- SSH Service started 83
- Cut and Paste 84
- Command Summary 85
- Command Command Options 87
- <log> > 90
- HP SA7150> create server 91
- HP SA7150> show server 92
- • all servers, or 95
- • a specified server 95
- Port Mapping 98
- Command Definition 100
- Operational 101
- Commands 101
- show spill 102
- Spill on overload: enabled 102
- Spill on overload: disabled 102
- Management 103
- Command Description 104
- set ssh_port <port> 106
- show ssh 106
- Alarms and 110
- Monitoring 110
- show rsc_window 111
- set utl_window <secs> 111
- set utl_highwater <%> 111
- show ovl_window 113
- Example: 114
- HP SA7150> password 118
- Old password:<xxxxx> 118
- HP SA7150> 118
- Logging 122
- Remote Management 123
- Limitations 124
- Remote Telnet Sessions 126
- Console 127
- HP SA7150> show telnet 128
- Remote SSH Sessions 129
- Console, SSH 130
- Changing the 130
- SSH Port 130
- HP SA7150> show ssh_port 131
- HP SA7150> set ssh disable 131
- SSH disable: 131
- HP SA7150> show ssh 131
- Starting SNMP 132
- Standards 132
- Compliance 132
- HP MIB Tree 133
- Trap Summary 134
- C H A P T E R 6SNMP 135
- Enabling 136
- Community String 137
- Access Control 138
- Alarm Types 143
- RSC: Refused 144
- Connections 144
- Utilization 145
- Threshold 145
- UTL Alarm CLI commands 146
- OVL: Overload 147
- Alarm Logging 148
- HP SA7150> list logs 149
- 20000727_145544 149
- to permit 150
- Examples: 153
- Software Updates 155
- Using HyperTerminal* 156
- Troubleshooting 159
- C H A P T E R 9 161
- Item Symptom Probable 161
- Front Panel 163
- Buttons and Switches 164
- Front Panel LEDs 164
- Connectors 166
- Failure/Bypass Modes 167
- Bypass Button 168
- Supported Ciphers 171
- SSL Version Level 172
- Regulatory 175
- Information 175
- VCCI Statement 176
- CE Compliance Statement 177
- CISPR 22 Statement 177
- VCCI Class A (Japan) 178
- Australia 178
- AVERTISSEMENT 179
- AVVERTENZA 180
- ADVERTENCIAS 181
- Wichtige Sicherheitshinweise 182
- Software License 185
- Agreement 185
- A P P E N D I X E 187
- MOZILLA 188
- LICENSE 188
- Version 1.1 188
- Support Services 201
- • An HP-authorized reseller 202
- Latin America 203
- Countries 204
- Glossary 205
- G L O S S A R Y 207
Produits connexes et manuels pour Matériel informatique Hp e-CommerceXML Accelerator sa7150
(94 pages)
(82 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.026 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels