Use this screen to enable or disable network services on the corporate LAN interface to the Avaya media server. You can activate or deactivate these services as needed to control features or access to the media server. Changes made on this interface do not affect services on the other Ethernet interfaces. This topic covers:
Do not attempt
to disable a service unless you understand what it is and how it affects
access to or operation of your Avaya media server. You could potentially
block all access to the server from the corporate LAN interface by disabling
the FTP, SSH, telnet, or www (http) network features.
To check or change the services allowed on the corporate LAN Ethernet interface:
In the main menu of the web administration interface under Security, click the Set LAN Security link.
The Set LAN Security screen appears. The screen displays:
Ethernet interface: The currently assigned Ethernet interface for the corporate LAN is indicated at the top of the screen (for example, eth4).
Status of service: A list of the most commonly used services appears on the first page. Their current status is shown: either enabled (checked) or disabled (checkbox clear).
To display a complete list of all services available
for this interface, click the Advanced Setting button.
Name of service: The name of the service is listed. These are standard Linux services. For details on their operation and use, refer to published Linux documentation.
Port and protocol: The Service column shows what port on the Ethernet interface this service uses, and what protocol it uses. Common protocols include Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
To change the service-activation status:
Disable. Clear the checkbox to disable this service on the corporate LAN interface.
Enable. Check the box to activate a service on the corporate LAN interface.
View all services. Click the Advanced Setting button to adjust the status of a service that is not listed on the first page. This screen redisplays, listing all the Linux services available for this Ethernet interface.
Scroll down the page to locate the service of interest. If you have difficulty locating it, scroll to the top of the page and use your browser's Find in Page feature.
When the service is located, either check or clear the box to enable or disable the service as needed.
Do
not attempt to disable a service unless you understand what it
is and how it affects access to or operation of your Avaya media server.
You could potentially block all access to the server from the corporate
LAN interface by disabling the FTP, SSH, telnet, or www (http and https)
network features. See Description
of common services below.
When finished, click the Set Security button.
The screen lists a confirmation message for every service status that was successfully changed.
If an error message appears, contact the LAN administrator for network debugging.
To display this screen again to verify your changes, click the Set LAN Security link on the main menu again.
The most commonly used services have the following functions and potential service impacts. Refer to published Linux documentation for details about the services that appear on the Advanced Setting page.
File Transfer Protocol (FTP): used for uploading or downloading data files, announcements, license files, or firmware.
Secure shell (SSH): A secure shell (SSH) remote interface utility can be used as an alternative to telnet. SSH commands and passwords are encrypted, and both ends of the client/server connection are authenticated through a digital certificate. The SSH suite includes a secure copy (SCP) program that can be used as an alternative to FTP. The SSH and SCP utilities provide greater security than FTP and telnet, and should be used if available.
Telecommunications network (telnet): provides a command-line interface for running server platform commands and applications such as SAT.
Simple Mail Transfer Protocol (SMTP): supports email service across the web.
World Wide Web (WWW): enables Hypertext Transport Protocol (HTTP), which is required for communication with a web browser (such as the one you are using to view these pages).
Network Time Protocol (NTP): allows the Avaya media server to synchronize its time with an external time source. See Configure Network Time Server for details.
Secure Hypertext Transport Protocol (HTTPS): A secure extension to HTTP that encrypts all messages between the web server and a browser. It also uses a digital signature to authenticate users and servers.
This screen is a front end to the standard Linux command ipchains. Ipchains is used to set up, maintain, and inspect the IP firewall rules in the Linux kernel. These rules can be divided into four categories: the IP input chain, the IP output chain, the IP forwarding chain, and user-defined chains. This screen only allows administration of the input chain. The output chain and forwarding chain are set to "accept". There is no user-defined chain.
Hardware and software requirements