set admin-access

Description

Configures various parameters for administrator access to the device via web/SSH.

Syntax

set admin-access [ interfaces { Wireless access <access> | VPN access <access> | LAN access <access> | any access { allow | block } | WAN access <access> } ] [ web-access-port <web-access-port> ] [ ssh-access-port <ssh-access-port> ] [ support-weak-tls-version <support-weak-tls-version> ] [ allowed-ipv4-addresses <allowed-ipv4-addresses> ]

Parameters

Parameter	Description
access	Enable administrator access from the Internet (clear traffic from external interfaces) Type: Boolean (true/false)
allowed-ipv4- addresses	Administrator access permissions policy for source IP addresses Options: any, from-ip-list, any-except-internet
ssh-access-port	SSH Port Type: Port number
support-weak-tls- version	For security reasons, it is highly recommended never to change this parameter's value. Support of TLSv1.0 will be added back to the administration portal to allow connectivity with old browsers (usually ones released prior to 2014). Changing the default of this parameter exposes the administration portal to at- tacks that use vulnerabilities like Heartbleed (CVE-2014-0160). Type: Boolean (true/false)
web-access-port	Web Port (HTTPS) Type: Port number

Example

set admin-access interfaces Wireless access true web-access-port 8080 ssh-access-port 8080 support-weak-tls-version true allowed-ipv4-addresses any