HP 2600 Series User Manual

7-20

Configuring Secure Socket Layer (SSL)
Configuring the Switch for SSL Operation

Figure 7-8. Using the web browser interface to enable SSL and select TCP port number

N o t e o n P o r t
N u m b e r

ProCurve recommends using the default IP port number (443). However, you
can use

web-management ssl tcp-port to specify any TCP port for SSL connec-

tions except those reserved for other purposes. Examples of reserved IP ports
are 23 (Telnet) and 80 (http). Some other reserved TCP ports on the switch
are 49, 80, 1506, and 1513.

C a u t i o n

SSL does not protect the switch from unauthorized access via the Telnet,
SNMP, or the serial port. While Telnet access can be restricted by the use of
passwords local to the switch, if you are unsure of the security this provides,
you may want to disable Telnet access (

no telnet). If you need to increase SNMP

security, use SNMP version 3 only for SNMP access. Another security measure
is to use the Authorized IP Managers feature described in the switch’s Security
Guide

. To protect against unauthorized access to the serial port (and the Clear

button, which removes local password protection), keep physical access to
the switch restricted to authorized personnel.

Enable SLL
and port number Selection