Changes

Line 266: Line 266:  
----
 
----
 
The <b>Access Control</b> page is used to manage {{#switch:{{{series}}}|TAP100|TAP200=|#default= remote and}} local access to device.
 
The <b>Access Control</b> page is used to manage {{#switch:{{{series}}}|TAP100|TAP200=|#default= remote and}} local access to device.
 +
 +
{{#switch:{{{series}}}
 +
|TAP100|TAP200 = [[File:Networking rutos manual administration access control general tap v1.png|border|class=tlt-border]]
 +
|#default = [[File:Networking rutos manual administration access control general v1.png|border|class=tlt-border]]}}
    
{{#switch:{{{series}}}|TAP100|TAP200=|#default=<b>Important</b>: turning on remote access leaves your device vulnerable to external attackers. Make sure you use a strong password.
 
{{#switch:{{{series}}}|TAP100|TAP200=|#default=<b>Important</b>: turning on remote access leaves your device vulnerable to external attackers. Make sure you use a strong password.
Line 271: Line 275:  
<b>SSH</b>
 
<b>SSH</b>
 
----{{#switch:{{{series}}}
 
----{{#switch:{{{series}}}
|TAP100|TAP200 = [[File:Networking_rutos_manual_administration_access_control_general_ssh_tap100_v2.png|border|class=tlt-border]]
+
|TAP100|TAP200 = [[File:Networking_rutos_manual_administration_access_control_general_ssh_tap100_v3.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_administration_access_control_general_ssh_v2.png|border|class=tlt-border]]}}
+
|#default = [[File:Networking_rutos_manual_administration_access_control_general_ssh_v3.png|border|class=tlt-border]]}}
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 311: Line 315:  
</table>
 
</table>
 
<br>
 
<br>
<b>WebUI</b>
+
<b>HTTP</b>
 
----{{#switch:{{{series}}}
 
----{{#switch:{{{series}}}
|TAP100|TAP200 = [[File:Networking rutos manual administration access control general webui tap100 v2.png|border|class=tlt-border]]
+
|TAP100|TAP200 = [[File:Networking rutos manual administration access control general http tap v1.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_administration_access_control_general_webui_v2.png|border|class=tlt-border]]}}
+
|#default = [[File:Networking rutos manual administration access control general http v1.png|border|class=tlt-border]]}}
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 326: Line 330:  
         <td>off {{!}} on; default: <b>on</b></td>
 
         <td>off {{!}} on; default: <b>on</b></td>
 
         <td>Turns HTTP access from the local network (LAN) to the device WebUI on or off.</td>
 
         <td>Turns HTTP access from the local network (LAN) to the device WebUI on or off.</td>
 +
    </tr>{{#switch:{{{series}}}|TAP100|TAP200=|#default=
 +
    <tr>
 +
        <td>Enable remote HTTP access</td>
 +
        <td>off {{!}} on; default: <b>off</b></td>
 +
        <td>Turns HTTP access from remote networks (WAN) to the device WebUI on or off.</td>
 +
    </tr>}}
 +
    <tr>
 +
        <td>HTTP Port</td>
 +
        <td>integer [0..65535]; default: <b>80</b></td>
 +
        <td>Selects which port to use for HTTP access.</td>
 +
    </tr>{{#switch:{{{series}}}|TAP100|TAP200=|#default=
 +
    <tr>
 +
        <td>Ignore private IPs on public interface</td>
 +
        <td>off {{!}} on; default: <b>on</b></td>
 +
        <td>Prevent access from private (RFC1918) IPs on an interface if it has an public IP address.</td>
 +
    </tr>}}
 +
</table>
 +
 +
<br>
 +
<b>HTTPS/b>
 +
----{{#switch:{{{series}}}
 +
|TAP100|TAP200 = [[File:Networking rutos manual administration access control general https tap v1.png|border|class=tlt-border]]
 +
|#default = [[File:Networking rutos manual administration access control general https v1.png|border|class=tlt-border]]}}
 +
 +
<table class="nd-mantable">
 +
    <tr>
 +
        <th>Field</th>
 +
      <th>Value</th>
 +
      <th>Description</th>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
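Review bot: The new HTTPS heading in this hunk is written as <b>HTTPS/b>, so the bold tag is never closed; the heading will show the stray "/b>" and the bold can run into the content that follows. It should be <b>HTTPS</b>. In the same hunk, the "Ignore private IPs on public interface" description reads "if it has an public IP address", which should be "a public IP address". The added header row also indents <th>Field</th> differently from the two <th> lines after it.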
Line 336: Line 369:  
         <td>off {{!}} on; default: <b>off</b></td>
 
         <td>off {{!}} on; default: <b>off</b></td>
 
         <td>Redirects connection attempts from HTTP to HTTPS.</td>
 
         <td>Redirects connection attempts from HTTP to HTTPS.</td>
    </tr>{{#switch:{{{series}}}|TAP100|TAP200=|#default=
  −
    <tr>
  −
        <td>Enable remote HTTP access</td>
  −
        <td>off {{!}} on; default: <b>off</b></td>
  −
        <td>Turns HTTP access from remote networks (WAN) to the device WebUI on or off.</td>
  −
    </tr>}}
  −
    <tr>
  −
        <td>Port</td>
  −
        <td>integer [0..65535]; default: <b>80</b></td>
  −
        <td>Selects which port to use for HTTP access.</td>
   
     </tr>{{#switch:{{{series}}}|TAP100|TAP200=|#default=
 
     </tr>{{#switch:{{{series}}}|TAP100|TAP200=|#default=
 
     <tr>
 
     <tr>
Line 353: Line 376:  
     </tr>}}
 
     </tr>}}
 
     <tr>
 
     <tr>
         <td>Port</td>
+
         <td>HTTPS Port</td>
 
         <td>integer [0..65535]; default: <b>443</b></td>
 
         <td>integer [0..65535]; default: <b>443</b></td>
 
         <td>Selects which port to use for HTTPS access.</td>
 
         <td>Selects which port to use for HTTPS access.</td>
Line 377: Line 400:  
         <td>Server key file.</td>
 
         <td>Server key file.</td>
 
     </tr>}}
 
     </tr>}}
 +
    <tr>
 +
        <td>Certificate file</td>
 +
        <td>.crt; default: <b>uhttpd.crt</b></td>
 +
        <td>Download certificate file from device. Used for browsers to reach HTTPS connection.</td>
 +
    </tr>
 
</table>
 
</table>
 +
 
<br>
 
<br>
 
<b>CLI</b>
 
<b>CLI</b>
 
----{{#switch:{{{series}}}
 
----{{#switch:{{{series}}}
|TAP100|TAP200 = [[File:Networking_rutos_manual_administration_access_control_general_cli_tap100.png|border|class=tlt-border]]
+
|TAP100|TAP200 = [[File:Networking_rutos_manual_administration_access_control_general_cli_tap100_v2.png|border|class=tlt-border]]
|#default = [[File:Networking_rutos_manual_administration_access_control_general_cli.png|border|class=tlt-border]]}}
+
|#default = [[File:Networking_rutos_manual_administration_access_control_general_cli_v2.png|border|class=tlt-border]]}}
    
<table class="nd-mantable">
 
<table class="nd-mantable">
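Review bot: The description in the new "Certificate file" row, "Used for browsers to reach HTTPS connection", does not tell the reader what to do with the downloaded file. Suggest stating the action explicitly, for example that the certificate is downloaded so it can be added as trusted in the browser, if that is the intent. The Value cell ".crt; default: <b>uhttpd.crt</b>" reads like an upload field; for a download it would be clearer to say that the file offered is uhttpd.crt. Since the row sits directly after "Server key file.", it is also worth saying that only the certificate is downloaded, if that is the case.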
Line 414: Line 443:  
<b>Telnet</b>
 
<b>Telnet</b>
 
----
 
----
[[File:Networking_rutos_manual_administration_access_control_general_telnet.png|border|class=tlt-border]]
+
[[File:Networking_rutos_manual_administration_access_control_general_telnet v2.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
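Review bot: Style point on the replaced Telnet image line: the new name "Networking_rutos_manual_administration_access_control_general_telnet v2.png" mixes underscores with a space before "v2", while the SSH and CLI image lines in this change keep underscores throughout. MediaWiki treats the two forms as the same title, but using one convention keeps the template easy to search; suggest ending the name in "_telnet_v2.png".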
Line 443: Line 472:  
<b>Note:</b> PAM is additional software that can be installed from the <b>System → [[{{{name}}} Package Manager|Package Manager]]</b> page.
 
<b>Note:</b> PAM is additional software that can be installed from the <b>System → [[{{{name}}} Package Manager|Package Manager]]</b> page.
   −
[[File:Networking_rutos_manual_administration_access_control_pam_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_manual_administration_access_control_pam_v3.png|border|class=tlt-border]]
    
====Modify PAM Auth====
 
====Modify PAM Auth====
 
----
 
----
[[File:Networking_rutos_manual_administration_access_control_pam_modify_pam_auth_v1.png|border|class=tlt-border]]
+
[[File:Networking_rutos_manual_administration_access_control_pam_modify_pam_auth_v2.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 474: Line 503:  
         <td>off {{!}} on; default: <b>off</b></td>
 
         <td>off {{!}} on; default: <b>off</b></td>
 
         <td>Turn on PAM authentication for all users. It will allow login with users that are not created on the device.</td>
 
         <td>Turn on PAM authentication for all users. It will allow login with users that are not created on the device.</td>
 +
    </tr>
 +
    <tr>
 +
        <td><span style="color:red">Radius</span>: Require Message-Authenticator</td>
 +
        <td>off {{!}} on; default: <b>on</b></td>
 +
        <td>Require and validate Message-Authenticator RADIUS attribute on Access-Request replies.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
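Review bot: The description of the new "Require Message-Authenticator" row says the attribute is validated "on Access-Request replies", which can be read as the request itself. Suggest "on replies to Access-Request (Access-Accept, Access-Reject, Access-Challenge)", and add what happens when the attribute is missing or invalid, since the default is on and that outcome decides whether logins fail against a server that does not send it. The field label uses "Radius" while the description uses "RADIUS"; pick one. The label also relies on an inline style="color:red" span, which would be better handled by a shared class if the template has one.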
Line 503: Line 537:  
<b>IP Block Settings</b>  
 
<b>IP Block Settings</b>  
 
----
 
----
[[File:Networking_rutos_manual_administration_access_control_security_v4.png|border|class=tlt-border]]
+
[[File:Networking rutos manual administration access control security settings v1.png|border|class=tlt-border]]
 
<table class="nd-mantable">
 
<table class="nd-mantable">
 
     <tr>
 
     <tr>
Line 585: Line 619:  
{{#switch:{{{series}}}|TAP100|TAP200= ===Device Pairing===
 
{{#switch:{{{series}}}|TAP100|TAP200= ===Device Pairing===
 
----
 
----
[[File:Networking_rutos_manual_administration_access_control_pairing_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_manual_administration_access_control_pairing_v3.png|border|class=tlt-border]]
 
<table class="nd-mantable">
 
<table class="nd-mantable">
 
     <tr>
 
     <tr>