Avocent Cyclades ACS User's Guide download pdf (Page 34)

The console server will automatically reboot. During the reboot, the console server will erase

SSHkeys, update the configuration of HTTPD, SSHD, ADSAP2d and SNMPD files and test

the integrity of the FIPSObject Module. Once the reboot is complete, the console server will

accept SSH and HTTPSconnections using only FIPS-approved ciphers.

When FIPS is enabled the following restrictions apply:

For SSH sessions:

• Protocol version 1 will be disabled.

• Triple-DES CBS and AES 128/192/256 CBSare the only encryption ciphers that

will be accepted.

• HMAC-SHA1 and HMAC-SHA1-96 are the only message integrity algorithms

that will be accepted.

• Only RSAkeys 1024 to 16384 bits will be accepted.

HTTPSsessions will accept only the SSL v 3.1(TLSv1) protocol to establish the

SSLtunnel with one of the following encryption ciphers:

• AES-256-SHA

• AES-128-SHA

• Triple DESSHA (DES-CBC3-SHA)

SNMPversion 3 requests will be accepted when authentication is SHAand the

encryption cipher is AES.

Bootp Configuration Retrieval

You can set your consoleserver to be reconfigured during boot or at IPrenewal.

To generate configuration to be retrieved:

1. Click System Tools - Save Configuration and save the configuration to either an FTPsite

or locally.

-or-

Use the list_configuration command to get the CLItemplate scripts, edit the

configuration of the console server and save it as a text file.

-or-

Edit a file with CLI commands and save it.

2. Transfer the saved file to a DHCPserver.

3. Configure the DHCP server to transfer the configuration file to the console server.

26 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide

1 2 ... 29 30 31 32 33 34 35 36 37 38 39 ... 99 100

No comments

Avocent Cyclades ACS User's Guide Page 34