CLI: Web UI and Web Proxy
You can use the web command to configure the web user interface (Web UI).
Configuring web UI
web {auto-logout|logout|console|http|httpd|https|proxy|enable}
To enable or disable the Web UI:
[no] web enable
To configure the length of user inactivity before auto-logout (in seconds):
web auto-logout <time>
To configure HTTP access to the Web UI:
web http {enable|port|redirect|restrict}
enable- Enable http access to the web UI.port <port-number>- Set the port number for http access to the web UI.redirect- Enable redirection to https.restrict <network-object>- Restrict access to the web UI for a particular named network objecta logical definition created and stored in the Exinda lilbrary, can represent any network component.
To configure HTTPS access to the Web UI:
https {enable|certificate|customssl|port|restrict}
- enable - Enable https access to the web UI.
- port <port-number> - Set the port number for https access to the web UI.
- certificate regenerate - Configure a certificate for use for https connections.
- customssl - Configure a custom SSL certificate.
- restrict <network-object> - Restrict access to the web UI for a particular named network object.
To configure a custom SSL certificate:
https customssl {enable|certificate|generate csr country <country> state <state> location <location> organization <org> hostname <hostname>|privatekey}
certificate <certificate>– Specify the certificate to use.country <country>– Type your country code. E.g. US.state <state>– Type your state. E.g. California.location <location>– Type your location. E.g. "San Franscisco".organization <org>– Type your organization. E.g. "Exinda Networks".hostname <hostname>– Type your full hostname to access your appliance.privatekey <pkey>– Type a custom SSL private key that you have obtained or generated.
To configure renewal and timeout session settings:
web session {renewal <number-of-minutes>|timeout <number-of-minutes>}
To enable or disable deflate compression encoding:
[no] web httpd compression
To enable or disable Web interface restrictions:
[no] web httpd listen {enable|interface <interface>}
To restrict the listen interface for the Web UI. The configured interface should be statically configured (DHCPDynamic Host Configuration Protocol disabled).:
web httpd listen interface <interface>
Configuring web proxy
web proxy {host|proxy}
Configure the web proxy host address and port:
web proxy host <hostname or IPInternet protocol address> [port <port>]
host <hostname or IP address>- IPv4 and IPv6 addresses can be used.
To configure the type of proxy authentication:
web proxy auth authtype {none|basic}
Configure the username and password for basic authentication:
web proxy auth basic {password|username}
Viewing web settings
To show Web UI configuration and running state:
show web