ComboXCAT-IP User Guide
74
Rackit Technology Corporation – www.rackittechnology.com – 1-800-636-3434
Force HTTPS
If this option is enabled access to the web front-end is only possible using an HTTPS
connection. ComboXCAT-IP will not listen on the HTTP port for incoming
connections.
In case you want to create your own SSL certificate that is used to identify
ComboXCAT-IP refer to the Section called
Certificate
.
KVM Encryption
This option controls the encryption of the RFB protocol. RFB is used by the Remote
Console to transmit both the screen data to the administrator machine and keyboard
and mouse data back to the host. If set to "Off" no encryption will be used. If set to
"Try" the applet tries to make an encrypted connection. In case connection
establishment fails for any reason an unencrypted connection will be used.
If set to "Force" the applet tries to make an encrypted connection with certificate. An
error will be reported in case connection establishment fails.
Group-Based System Access Control
This is the IP filtering function, it keeps unauthorized hosts from accessing to
ComboXCAT-IP by specifying IP filtering rules. It is important to fully understand what
an IP filter is. If you don't fully understand this, you will get unexpected results against
your original plan.
Chain Rule
The
Chain rule
determines whether the access from the hosts is allowed or not. It
can be one of these two values:
■
ACCEPT : access allowed
■
DROP : access not allowed
The rule can be configured to apply to a particular Group level (All, User, Super,
Administrator).
When ComboXCAT-IP receives a TCP packet, it will process the packet with the
chain rule depicted below. The process ordering is important; The packet will enter
the chain rule 1 first, if meet the rule then take action directly, otherwise go to chain
rule 2.
