Chapter 18 Configuring SGM Security
Limiting SGM Client Access to the SGM Server (Solaris Only)
•To remove an SSL certificate from the SGM client, launch the SGM SSL Certificate Tool. SGM lists each imported certificate. Select the certificate you want to remove, and click Remove. SGM deletes the certificate from the list.
See the “Importing an SSL Certificate to an SGM Client” section on
page
Limiting SGM Client Access to the SGM Server (Solaris Only)
By default, when you first install SGM, all SGM client IP addresses are allowed to connect to the SGM server. However, SGM enables you to limit client access to the server by creating and maintaining the ipaccess.conf file.
You can create the ipaccess.conf file and populate it with a list of SGM client IP addresses that can connect to the SGM server. SGM allows connections from only those clients, plus the local host. If the file exists but is empty, SGM allows connections only from the local host. (SGM always allows connections from the local host.)
When you first install SGM, the ipaccess.conf file does not exist and SGM allows all client IP addresses to connect to the SGM server. To create the ipaccess.conf file and work with the list of allowed client IP addresses, use the following procedure:
Step 1 Log in as the root user, as described in the “Becoming the Root User (Solaris Only)” section on page
Step 2 Enter the following command:
# cd /opt/CSCOsgm/bin
| Cisco Signaling Gateway Manager User Guide |
|