
Chapter 29 Access Control
GS-2724 User’s Guide
199
The client automatically saves any new server public keys. In subsequent connections,
the server public key is checked against the saved version on the client computer.
2
Encryption Method
Once the identification is verified, both the client and server must agree on the type of
encryption method to use.
3
Authentication and Data Transmission
After the identification is verified and data encryption activated, a secure tunnel is
established between the client and the server. The client then sends its authentication
information (user name and password) to the server to log in to the server.
29.6 SSH Implementation on the Switch
Your Switch supports SSH version 2 using RSA authentication and three encryption methods
(DES, 3DES and Blowfish). The SSH server is implemented on the Switch for remote
management and file transfer on port 22. Only one SSH connection is allowed at a time.
29.6.1 Requirements for Using SSH
You must install an SSH client program on a client computer (Windows or Linux operating
system) that is used to connect to the Switch over SSH.
29.7 Introduction to HTTPS
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web
protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-
level protocol that enables secure transactions of data by ensuring confidentiality (an
unauthorized party cannot read the transferred data), authentication (one party can identify the
other party) and data integrity (you know if data has been changed).
It relies upon certificates, public keys, and private keys.
HTTPS on the Switch is used so that you may securely access the Switch using the web
configurator. The SSL protocol specifies that the SSL server (the Switch) must always
authenticate itself to the SSL client (the computer which requests the HTTPS connection with
the Switch), whereas the SSL client only should authenticate itself when the SSL server
requires it to do so. Authenticating client certificates is optional and if selected means the SSL-
client must send the Switch a certificate. You must apply for a certificate for the browser from
a CA that is a trusted CA on the Switch.
Please refer to the following figure.
1
HTTPS connection requests from an SSL-aware web browser go to port 443 (by default)
on the Switch’s WS (web server).
2
HTTP connection requests from a web browser go to port 80 (by default) on the Switch’s
WS (web server).
Summary of Contents for GS-2724
Page 1: ...www zyxel com GS 2724 Ethernet Switch User s Guide Version 3 70 4 2007 Edition 1 ...
Page 2: ......
Page 7: ...Safety Warnings GS 2724 User s Guide 7 ...
Page 8: ...Safety Warnings GS 2724 User s Guide 8 ...
Page 22: ...Table of Contents GS 2724 User s Guide 22 ...
Page 30: ...List of Tables GS 2724 User s Guide 30 ...
Page 32: ...32 ...
Page 36: ...Chapter 1 Getting to Know Your Switch GS 2724 User s Guide 36 ...
Page 40: ...Chapter 2 Hardware Installation and Connection GS 2724 User s Guide 40 ...
Page 46: ...Chapter 3 Hardware Overview GS 2724 User s Guide 46 ...
Page 48: ...48 ...
Page 58: ...Chapter 4 The Web Configurator GS 2724 User s Guide 58 ...
Page 64: ...Chapter 5 Initial Setup Example GS 2724 User s Guide 64 ...
Page 70: ...Chapter 6 System Status and Port Statistics GS 2724 User s Guide 70 ...
Page 84: ...84 ...
Page 94: ...Chapter 8 VLAN GS 2724 User s Guide 94 Figure 36 Port Based VLAN Setup All connected ...
Page 126: ...Chapter 16 Port Authentication GS 2724 User s Guide 126 ...
Page 130: ...Chapter 17 Port Security GS 2724 User s Guide 130 ...
Page 136: ...Chapter 18 Classifier GS 2724 User s Guide 136 Figure 58 Classifier Example ...
Page 139: ...Chapter 19 Policy Rule GS 2724 User s Guide 139 Figure 59 Policy ...
Page 145: ...Chapter 20 Queuing Method GS 2724 User s Guide 145 ...
Page 146: ...Chapter 20 Queuing Method GS 2724 User s Guide 146 ...
Page 152: ...Chapter 21 VLAN Stacking GS 2724 User s Guide 152 ...
Page 166: ...166 ...
Page 183: ...Chapter 27 DHCP GS 2724 User s Guide 183 Figure 89 DHCP Relay Configuration Example ...
Page 184: ...Chapter 27 DHCP GS 2724 User s Guide 184 ...
Page 186: ...186 ...
Page 210: ...Chapter 31 Syslog GS 2724 User s Guide 210 ...
Page 224: ...Chapter 36 Routing Table GS 2724 User s Guide 224 ...
Page 228: ...228 ...
Page 262: ...Chapter 38 Introducing Commands GS 2724 User s Guide 262 ...
Page 296: ...Chapter 42 IEEE 802 1Q Tagged VLAN Commands GS 2724 User s Guide 296 ...
Page 300: ...Chapter 44 Routing Domain Command Examples GS 2724 User s Guide 300 ...
Page 304: ...304 ...
Page 312: ...Appendix B Changing a Fuse GS 2724 User s Guide 312 ...
Page 332: ...Appendix E Common Services GS 2724 User s Guide 332 ...
Page 336: ...Appendix F Legal Information GS 2724 User s Guide 336 ...
Page 348: ...Index GS 2724 User s Guide 348 ...