set admin-access

In the R81.10.X releases, this command is available starting from the R81.10.00 version.

Description

Configures various parameters for administrator access to the appliance through WebUI and SSH.

See show admin-access.

Syntax

set admin-access

[ allowed-ipv4-addresses {any | any-except-internet | from-ip-list} ]

[ interfaces any access {allow | block} ]

[ interfaces LAN access {true | false} ]

[ interfaces VPN access {true | false} ]

[ interfaces WAN access {true | false} ]

[ interfaces Wireless access {true | false} ]

[ ssh-access-port <ssh-access-port> ]

[ support-weak-tls-version {true | false} ]

[ web-access-port <web-access-port> ]

Parameters

Parameter

Description

{true | false}

Enables (true) or disables (false) administrator access through the specified interface

allowed-ipv4- addresses

Configures the administrator access permissions policy for source IP addresses

interfaces

Specifies the interface, through which the access is allowed

ssh-access-port

Configures the port number for SSH access

support-weak-tls- version

Best Practice - For security reasons, it is highly recommended to keep the default value "false". Changing the value to "true" exposes the administration portal to at- tacks that use vulnerabilities like Heartbleed (CVE-2014-0160).

If you configure the value "true", support of TLSv1.0 is added back to the administration portal to allow connectivity with old web browsers (usually, those released prior to 2014).

web-access-port

Configures the port number for HTTPS access to WebUI

Example Command

set admin-access interfaces LAN access true web-access-port 8080 ssh-access-port 9090 allowed-ipv4-addresses any