System information

General System Configuration

Setting Management Access Controls

To provide more security for the access point, management interfaces that are

not required can be disabled. This includes the Web, Telnet, and Secure Shell

(SSH), as well as the serial console port and Reset button.

No t e The access point’s serial port and Reset button cannot be disabled at the same

time. When the Reset button is disabled, it is not possible to disable the serial

port.

HTTP and HTTPS. The access point supports both a Web (HTTP) and

secure Web (HTTPS) browser interface. The secure hypertext transfer

protocol (HTTPS) over the Secure Socket Layer (SSL) provides a secure

encrypted connection to the access point’s Web interface. Both the HTTP and

HTTPS service can be enabled independently, but you cannot configure the

HTTP and HTTPS servers to use the same TCP port.

If you change the HTTPS port number from the standard default, clients

attempting to connect to the HTTPS server must specify the port number in

the URL, in this format: https://device:port_number

Secure Shell (SSH). Telnet is a remote management tool that can be used

to configure the access point from anywhere in the network. However, Telnet

is not secure from hostile attacks. SSH can act as a secure replacement for

Telnet. The SSH protocol uses generated public keys to encrypt all data

transfers passing between the access point and SSH-enabled management

station clients and ensures that data traveling over the network arrives unal-

tered. Clients can then securely use the local user name and password for

access authentication.

Note that SSH client software needs to be installed on the management station

to access the access point for management via the SSH protocol.

No t e The access point supports only SSH version 2.0.

After boot up, the SSH server needs about two minutes to generate host

encryption keys. The SSH server is disabled while the keys are being gener-

ated.

5-7