FORM_TITLE Change remote access settings DESCRIPTION For each of the options below, the private setting allows anyone from your local network to access your server. The public setting allows access from anywhere on the Internet. The no access setting disables access. To understand the security implications of changing these options from the default settings, you should read the user's guide section on remote access. SUCCESS The new remote access settings have been saved. ERROR_UPDATING Error occurred while updating system configuration. DISABLED Disabled YES Yes NO No OFF Off ENABLED Enabled NO_ACCESS No Access PASSWORD_LOGIN_PRIVATE Accept passwords only from local networks PASSWORD_LOGIN_PUBLIC Accept passwords from anywhere PUBLIC Allow public access (entire Internet) PRIVATE Allow access only from local networks LABEL_TELNET_ACCESS Telnet access LABEL_FTP_ACCESS FTP access LABEL_FTP_LOGIN FTP password access LABEL_PPTP Number of PPTP clients LABEL_SSH Secure shell access LABEL_SSH_ADMIN Allow administrative command line access over secure shell LABEL_SSH_PASSWORD_ACCESS Allow secure shell access using standard passwords DESC_SSH

Secure Shell Settings

You can control Secure Shell access to your server. The public setting should only be enabled by experienced administrators for remote problem diagnosis and resolution. We recommend leaving this parameter set to "No Access" unless you have a specific reason to do otherwise. ]]> DESC_FTP_ACCESS

FTP Settings

You can also control FTP access to your server. We recommend leaving this parameter set to 'no access' unless you have a specific reason to do otherwise.

Note: these settings limit access to the server and override other settings, including those for individual information bays.

]]> DESC_FTP_LOGIN Note: a secure shell sftp client can also be used to access the server, if remote access via the secure shell is enabled. This method of access protects the passwords and data of the FTP session, whereas standard FTP provides no protection.

]]> DESC_PPTP

PPTP Settings

You can allow PPTP access to your server. You should leave this feature disabled by setting the value to the number 0 unless you require PPTP access. ]]> SAVE Save VALUE_ZERO_OR_POSITIVE Value must be zero or a positive integer REMOTE_MANAGEMENT Remote Management VALIDFROM_DESC

{$REMOTE_MANAGEMENT}

It is possible to allow hosts on remote networks to access the server manager by entering those networks here. Use a subnet mask of 255.255.255.255 to limit the access to the specified host. Any hosts within the specified range will be able to access the server manager using HTTPS.

]]> DESC_VALID_FROM_ENTRIES To add a new remote management network, enter the details below. NETWORK Network SUBNET_MASK Subnet mask NUM_OF_HOSTS Number of hosts NO_ENTRIES_YET There are no entries yet INVALID_SUBNET_MASK Invalid subnet mask ERR_INVALID_PARAMS Either provide both a network and subnet mask, or leave both fields blank. ERR_NO_RECORD Unable to locate httpd-admin record in configuration db REMOVE Remove Security Security Remote access Remote access ACTION Action LABEL_SERIAL_CONSOLE_ACCESS Serial console DESC_SERIAL_CONSOLE_ACCESS

Serial console

You can allow access to the server console from a terminal connected to a server serial port.]]> PORT1_ENABLED Enabled on serial port 1 PORT2_ENABLED Enabled on serial port 2 LABEL_PPTP_ACCESS PPTP default user access DESC_TELNET_ACCESS

Telnet Settings

WARNING: Telnet is currently enabled, but this feature is no longer supported. Telnet is inherently insecure and should only be used in circumstances where no practical alternative exists. You should change option to {$NO_ACCESS} and use secure shell if remote access is required. Once disabled, telnet will no longer appear on this screen. ]]> DESC_IPSECRW IPSEC Client (Roadwarrior) Settings You can allow IPSEC client access to your server, authenticated by digital certificates. You should leave this feature disabled by setting the value to the number 0 unless you require IPSEC client access. ]]> LABEL_IPSECRW_SESS Number of IPSEC clients DESC_IPSECRW_RESET Any old certificates will no longer authenticate against the server, so all IPSEC clients will need to import a new certificate!. ]]> LABEL_IPSECRW_RESET Reset digital certificates