3Com 3250, 3226 SSH Management, Https Management, Saving Configuration, Device Backup and Restore

Page 11

minimum sampling period of 10 seconds and a minimum hysteresis of 20%.

SSH Management

The SSH server in the unit will reject all connection requests unless the unit has a SSH host key. This host key may be generated using the Security > Device > SSH > Server Auth > Key Gen command on the Web interface. You may wish to keep a record of the host key to allow you to confirm the identity of the switch when connecting remotely using SSH.

If the unit reboots while using SSH you may have to manually restart your SSH client to reconnect once the unit has restarted.

HTTPS Management

The secure Web server on the unit is supplied with a default certificate which will fail the browsers security checks and an error message like the following will be generated:

The name on the security certificate is

invalid or does not match the name of the

site.

It is not possible for 3Com to ship a certificate with the unit that will satisfy these security checks. The browser will normally allow you to accept the connection regardless. All of the data which is sent between the browser and the unit will be securely encrypted. You may upload your own valid certificate to the switch if you want to avoid these warnings. The software to generate these certificates is beyond the scope of this document.

Points to Note when using the Switch 3226 and Switch 3250

11

The presence of both a secure (HTTPS) and insecure (HTTP) Web interface on a single unit causes some browsers to incorrectly report the following warning message:

This page contains both secure and insecure

items. Do you wish to proceed?

This warning message may be safely ignored. All traffic to and from the unit using the HTTPS interface is encrypted. Alternatively you may try clearing the Web cache or upgrading your browser to the latest version.

Saving Configuration

When making configuration changes to the Switch, do not reboot or turn off the unit for at least 10 seconds after the last configuration change. If the unit is rebooted or switched off before the 10 seconds is complete the configuration changes may be lost.

Device Backup and Restore

When the unit backs up the configuration file a number of security sensitive settings such as the user accounts, RADIUS shared secret and community strings are not backed up. The comments in the configuration file indicate that these commands may be manually appended to the end of the file. Contrary to these instructions, 3Com recommends that you restore the un-edited configuration file and manually reconfigure the security parameters using the CLI or Web interface.

In some scenarios backing up the configuration on one unit and restoring it on another will cause the

Page 10 Page 12
Image 11
Page 10 Page 12
Contents About this Software Version Related DocumentationSoftware License Agreement Web Interface Errors and OmissionsEnhancements and Fixes for Known Faults VLANs Command Line Interface802.1x Network login authentication Traffic PrioritizationBinding an ACL to a port fails occasionally Rmon history statistics and Web port history statisticsSoftware Version Number Static port security and the bridge MAC address table3Com Network Supervisor Discovery Updating the Switch SoftwareConfiguring Link Aggregations Points to Note when using the Switch 3226 and SwitchPoints to Note when Upgrading Software Password RecoveryLink aggregation and Gigabit ports Port Security and AuthenticationTelnet and HyperTerminal SFP Modules IP Configuration and RoutingAccess Control Lists Management via Snmp / MIBs Vlan ConfigurationHttps Management Saving ConfigurationDevice Backup and Restore SSH ManagementRoving Analysis Port Spanning TreeAutonegotiation of Port Speed and Duplex Combination PortsSupported SFP Modules Start-up Time3Com Network Supervisor Known Interoperability Issues
Top Page Image Contents