set admin-access

Description

Configures various parameters for administrator access to the appliance through WebUI and SSH.

Syntax

set admin-access

[ interfaces any access {allow | block} ]

[ interfaces LAN access {true | false} ]

[ interfaces WAN access {true | false} ]

[ interfaces Wireless access {true | false} ]

[ interfaces VPN access {true | false} ]

[ allowed-ipv4-addresses <allowed-ipv4-addresses> ]

[ ssh-access-port <ssh-access-port> ]

[ web-access-port <web-access-port> ]

[ support-weak-tls-version {true | false} ]

Parameters

Parameter

Description

{true | false}

Enables (true) or disables (false) administrator access through the specified interface

interfaces

Specifies the interface, through which the access is allowed

allowed-ipv4- addresses

Configures the administrator access permissions policy for source IP addresses

One of these:

any
from-ip-list
any-except-internet

ssh-access-port

Configures the port number for SSH access

support-weak-tls- version

Best Practice - For security reasons, it is highly recommended to keep the default value "false". Changing the value to "true" exposes the administration portal to at- tacks that use vulnerabilities like Heartbleed (CVE-2014-0160).

If you configure the value "true", support of TLSv1.0 is added back to the administration portal to allow connectivity with old web browsers (usually, those released prior to 2014).

web-access-port

Configures the port number for HTTPS access to WebUI

Example

set admin-access interfaces LAN access true web-access-port 8080 ssh-access-port 9090 allowed-ipv4-addresses any