7.0
Table Of Contents
- Deploying and Configuring Access Point
- Contents
- Deploying and Configuring Access Point
- Introduction to Access Point
- System Requirements and Deployment
- Configuring Access Point
- Collecting Logs from the Access Point Appliance
- Setting Up Smart Card Authentication
- Setting Up Two-Factor Authentication
- Index
In this example, P@ssw0rd is a password that is at least 8 characters long, contains at least one uppercase
and one lowercase letter, one digit, and one special character, which includes ! @ # $ % * ( ).
When the admin server reboots, it generates the following message in
the /opt/vmware/gateway/logs/admin.log file: Successfully set initial settings from
firstboot.properties.
What to do next
You can now log in to the REST administration interface using the user name admin and the password that
you just set (for example, P@ssw0rd).
Configuration Settings for System Settings and Server Certificates
Use the Access Point REST API properties to configure which security certificates, protocols, and cipher
suites are used, set up smart card authentication, and more.
You can use the properties in the following tables to make configuration changes after the Access Point
appliance is deployed, or you can alternatively use the OVF Tool property called
--X:enableHiddenProperties=settingsJSON with some of these properties to configure the appliance at
deployment time. For more information about how to use Access Point with the OVF Tool, see “Access
Point Deployment Properties,” on page 27.
System Settings
These settings are included in the SystemSettings resource. The URL is
https://access-point-appliance.example.com:9443/rest/v1/config/system
In this URL, access-point-appliance.example.com is the fully qualified domain name of the Access Point
appliance.
Table 3‑1. REST API Properties for the SystemSettings Resource
REST API Property Description and Example Default Value
adminPassword
Specifies the administrator password for accessing
the REST API. Passwords must be at least 8
characters long, contain at least one uppercase and
one lowercase letter, one digit, and one special
character, which includes ! @ # $ % * ( ).
(Not set unless set by the deployment
wizard or OVF Tool.)
cipherList
Configures the cipher list to restrict the use of certain
cryptographic algorithms before establishing an
encrypted TLS/SSL connection. This setting is used in
conjunction with the settings for enabling various
security protocols.
TLS_ECDHE_RSA_WITH_AES_128_CBC
_SHA256,TLS_ECDHE_RSA_WITH_AES
_128_CBC_SHA,TLS_RSA_WITH_AES_1
28_CBC_SHA
ssl30Enabled
Specifies whether the SSLv3.0 security protocol is
enabled.
FALSE
tls10Enabled
Specifies whether the TLSv1.0 security protocol is
enabled.
FALSE
tls11Enabled
Specifies whether the TLSv1.1 security protocol is
enabled.
TRUE
tls12Enabled
Specifies whether the TLSv1.2 security protocol is
enabled.
TRUE
Chapter 3 Configuring Access Point
VMware, Inc. 33