Chapter 41 System
UAG5100 User’s Guide
408
41.7.3 HTTPS
You can set the UAG to use HTTP or HTTPS (HTTPS adds security) for Web Configurator sessions.
Specify which zones allow Web Configurator access and from which IP address the access can
come.
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol
that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-level protocol
that enables secure transactions of data by ensuring confidentiality (an unauthorized party cannot
read the transferred data), authentication (one party can identify the other party) and data
integrity (you know if data has been changed).
It relies upon certificates, public keys, and private keys (see
for more
information).
HTTPS on the UAG is used so that you can securely access the UAG using the Web Configurator. The
SSL protocol specifies that the HTTPS server (the UAG) must always authenticate itself to the
HTTPS client (the computer which requests the HTTPS connection with the UAG), whereas the
HTTPS client only should authenticate itself when the HTTPS server requires it to do so (select
Authenticate Client Certificates in the WWW screen). Authenticate Client Certificates is
optional and if selected means the HTTPS client must send the UAG a certificate. You must apply for
a certificate for the browser from a CA that is a trusted CA on the UAG.
Please refer to the following figure.
1
HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the
UAG’s web server.
2
HTTP connection requests from a web browser go to port 80 (by default) on the UAG’s web server.
Figure 270
HTTP/HTTPS Implementation
Note: If you disable HTTP in the WWW screen, then the UAG blocks all HTTP connection
attempts.
41.7.4 Configuring WWW Service Control
Click Configuration > System > WWW to open the WWW screen. Use this screen to specify
from which zones you can access the UAG using HTTP or HTTPS. You can also specify which IP
addresses the access can come from.