Secure GSLB | 1 |
NOTE
When you specify a TCP port for the key exchange communication, DO NOT use port 182, or the port that you configured for GSLB communication traffic. The default destination TCP port for key exchange is 56895.
To change default TCP port when doing public key exchange, enter a command such as the following:
ServerIronADX(config)# crypto
3.David connects to Bob's device and send his RSA public key. The fingerprint of the key is displayed on David's screen.
Public key for
Serial Number
Fingerprint 7355edda 95906e7e f04e38a3 61f640fa c2e61fa7
The command syntax is crypto
The <IP address> parameter specifies peer IP address this device talks to. The <name> parameter specifies the host name of local device. The <decimal> parameter specifies TCP port used for the key exchange communication, such as the following:
ServerIronADX(config)# crypto
4.Bob receives David's public key. The fingerprint is printed on Bob's screen. Both Bob and David read out the fingerprint and verify they match.
Public key for
Serial Number
Fingerprint 7355edda 95906e7e f04e38a3 61f640fa c2e61fa7
Add this public key to the configuration?(enter 'y' or 'n'):
If they are the same, Bob answers `Y' to accept David's public key.
5. David waits for Bob to send his public key.
Wait for peer to send a key(enter 'y' or 'n'): y
Waiting ....
6. Bob sends back his public key.
Send peer a key in return(enter 'y' or 'n'): y
Public key for
Serial Number
Fingerprint 92c8e6a2 cfe214e8 2645886f 2c7c6379 e0bfd96e
7.On David's device, Bob's fingerprint is displayed. Once again, both Bob and David read out the fingerprint to verify the key.
Public key for
Serial Number
Fingerprint 92c8e6a2 cfe214e8 2645886f 2c7c6379 e0bfd96e
8. David accepts Bob's public key and adds it to his database. The key exchange is complete.
Add this public key to the configuration?(enter 'y' or 'n'): y
ServerIron ADX Global Server Load Balancing Guide | 61 |
|