Enabling tunnelguard srs administration, Configuring nortel snas host ssh keys, Configuring – Nortel Networks 5500 series User Manual

284

Configuring system settings

Enabling TunnelGuard SRS administration

To create and modify the TunnelGuard Software Requirement Set (SRS)
rules, you must use the SREM (see Nortel Secure Network Access Switch
4050 User Guide for the SREM (NN47230-101), ). Before you can access
the Rule Builder utility in the SREM, you must enable support for SRS
administration.

It is supported till Nortel Secure Network Access Switch Software Release
1.6.1.

To configure support for managing the SRS rules, use the following
command:

/cfg/sys/adm/srsadmin

The SRS Admin menu appears.

The SRS Admin menu includes the following options:

/cfg/sys/adm/srsadmin

followed by:

port <port>

Specifies the TCP port used for communication
with the SRS administration server. The
default is port 4443.

ena

Enables SRS administration, for creating and
managing SRS rules.

dis

Disables SRS administration. The default is
disabled.

Configuring Nortel SNAS host SSH keys

The Nortel SNAS functions as both SSH client (for importing and
exporting logs using SFTP) and SSH server for secure management
communications between the Nortel SNAS devices in a cluster.

ATTENTION

SCP is not supported.

The SSH host keys are a set of keys to be used by all hosts in the cluster
in accordance with the Single System Image (SSI) concept. As a result,
connections to the MIP always appear to an SSH client to be to the same
host.

During initial setup, there is an option to generate the SSH host keys
automatically.

To generate and view the SSH keys used by all hosts in the cluster for
secure management communications, use the following command:

Nortel Secure Network Access Switch

Using the Command Line Interface

NN47230-100

03.01

Standard

28 July 2008

Copyright © 2007, 2008 Nortel Networks

.