Black Box ET0010A User Manual
Advanced Configuration
EncrypTight User Guide
329
SSH Access to the ETEP
SSH is used for secure remote CLI management sessions through the Ethernet management port. SSH
access to the appliance is enabled by default.
access to the appliance is enabled by default.
To prevent remote access to the CLI, clear the Enable SSH checkbox. When SSH is disabled, CLI access
is limited to the serial port.
is limited to the serial port.
Related topic:
●
SNTP Client Settings
The ETEP includes a Network Time Protocol (NTP) client, which is used to synchronize the appliance
time with an NTP server. NTP is useful in minimizing or eliminating clock drift that can occur over time,
and keeping timestamps of log events consistent across appliances and other devices in the network.
The NTP client supports unicast client mode, in which the client (ETEP) sends a request to a designated
NTP server and waits for a reply from the server. The ETEP synchronizes with the NTP service at a
dynamic interval inherent in the operating system’s NTP client.
time with an NTP server. NTP is useful in minimizing or eliminating clock drift that can occur over time,
and keeping timestamps of log events consistent across appliances and other devices in the network.
The NTP client supports unicast client mode, in which the client (ETEP) sends a request to a designated
NTP server and waits for a reply from the server. The ETEP synchronizes with the NTP service at a
dynamic interval inherent in the operating system’s NTP client.
Time synchronization with the NTP time service overrides any manually set date and time. The UTC
offset is unaffected.
offset is unaffected.
To configure the NTP client:
1 Click the Enable SNTP Client checkbox.
2 Enter the IP address of the NTP service.
1 Click the Enable SNTP Client checkbox.
2 Enter the IP address of the NTP service.
With ETEP software version 1.6 and later, you can use either IPv4 or IPv6 addresses.
Related topic:
●
●
IKE VLAN Tags
When the ETEP is configured for operation with Layer 2 point-to-point policies, the two ETEPs must be
able to communicate with each other to exchange key information. In some Layer 2 networks, all frames
must have a VLAN tag to traverse the network. The ETEP can be configured to add a VLAN tag to the
Ethernet frames used for ETEP-to-ETEP communications.
able to communicate with each other to exchange key information. In some Layer 2 networks, all frames
must have a VLAN tag to traverse the network. The ETEP can be configured to add a VLAN tag to the
Ethernet frames used for ETEP-to-ETEP communications.
This setting has no effect when the ETEP is configured for use in EncrypTight distributed key policies.
The following settings are prerequisites for configuring this feature:
1 On the Features tab, set the Encryption Policy Setting to Layer 2:Ethernet.
2 On the Features tab, clear the Enable EncrypTight checkbox.
2 On the Features tab, clear the Enable EncrypTight checkbox.