NOTE:
You must manually configure the IP address for the management port that you are using
before you save your initial configuration. When you save the configuration for the first time,
you will lose the connection to the services gateway if you have not manually configured the IP
address. If you lose the connection through the management interface, you must connect through
the console port.
RELATED DOCUMENTATION
Connecting to the SRX550 Services Gateway from the CLI Locally | 102
Connecting to the SRX550 Services Gateway from the CLI Remotely | 104
SRX550 Services Gateway Secure Web Access Overview
You can manage a services gateway remotely through the J-Web interface. To communicate with the
services gateway, the J-Web interface uses Hypertext Transfer Protocol (HTTP). HTTP allows easy Web
access but does not include encryption. The data transmitted between the client and the services gateway
by means of HTTP is vulnerable to interception and attack. To enable secure Web access, a services
gateway supports HTTP over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS access on
specific interfaces and ports as needed.
The services gateway uses the SSL protocol to provide secure management of services gateways through
the J-Web interface. SSL uses public-private key technology, which requires a paired private key and an
authentication certificate to provide the SSL service. SSL encrypts communication between your device
and the Web browser with a session key negotiated by the SSL server certificate.
An SSL certificate includes identifying information such as a public key and a signature made by a certificate
authority (CA). When you access the services gateway through HTTPS, an SSL handshake authenticates
the server and the client and begins a secure session. If the information does not match or if the certificate
has expired, your access to the services gateway through HTTPS is restricted.
Without SSL encryption, communication between your services gateway and the browser is sent in the
open and can be intercepted. We recommend that you enable HTTPS access on your WAN interfaces.
On services gateways, HTTP access is enabled by default on the built-in management interfaces. By default,
HTTPS access is supported on any interface with an SSL server certificate.
You can use the J-Web interface or the CLI to configure secure Web access.
Before you configure secure Web access for the first time, you must complete the following tasks:
101
Summary of Contents for SRX550
Page 1: ...SRX550 Services Gateway Hardware Guide Published 2020 12 16...
Page 55: ...39...
Page 178: ...162...
Page 182: ...Restricted Access Warning 166...
Page 196: ...Jewelry Removal Warning 180...
Page 199: ...Operating Temperature Warning 183...
Page 206: ...190...
Page 210: ...194...
Page 213: ...197...