Accessing the C-Web Interface

Before you can start using the C-Web interface, you need to configure and enable access to the C-Web interface with the SRC CLI. You can make the C-Web interface accessible to remote users through secure HTTP (HTTPS) or HTTP.

Configuring Access to the C-Web Interface Through Secure HTTP

Before you configure access to the C-Web interface through HTTPS, obtain a digital security certificate on the system.

See Digital Certificates Overview.

To make the C-Web interface accessible to remote users through HTTPS:

  1. From configuration mode, access the hierarchy level for Web-management HTTPS.
    [edit]user@host# edit system services web-management https
  2. Specify which TCP port is to receive incoming connection requests for the C-Web interface.
    [edit system services web-management https]user@host# set port port

    The default port for HTTPS is 443.

  3. Specify the interface to be used for Web browser connections to the C-Web interface.
    [edit system services web-management https]user@host# set interface interface

    On a C Series Controller, use eth0; you can use eth2 or eth3 if installed.

    On C Series Controllers, specifying an interface is important if your C Series Controller has eth2 and eth3 interfaces and you want to restrict C-Web interface access to one or both of these interfaces.

  4. Specify the name of the certificate on the local system.
    [edit system services web-management https]user@host# set local-certificate local-certificate
  5. Configure logging for the C-Web interface.

    See Logging for SRC Components Overview.

  6. (Optional) Configure user accounts to allow specified users to log in to the C-Web interface.

    Users who have privileges to log in to the SRC CLI also have privileges to log in to the C-Web interface.

    Note: Like access to the SRC CLI, we recommend that you not use root access. If you do use root access, it must be through a secure terminal on a C Series Controller.

    See SRC User Accounts Overview.

Configuring Access to the C-Web Interface Through HTTP

Although you can configure access to the C-Web interface through HTTP rather than HTTPS, be aware of the following restrictions:

To make the C-Web interface accessible to remote users through HTTP:

  1. From configuration mode, access the hierarchy level for Web-management HTTP.
    [edit]user@host# edit system services web-management http
  2. (Required if you use redirect server) Specify which TCP port is to receive incoming connection requests for the C-Web interface.
    [edit system services web-management https]user@host# set port port

    The default port for HTTP is 80. Use another port if you use the redirect server.

  3. (Optional) Specify the interface to be used for Web browser connections to the C-Web interface.
    [edit system services web-management https]user@host# set interface interface

    On the C Series Controller, use eth0; you can use eth2 or eth3 if installed.

    On C Series Controllers, specifying an interface is important if your C Series Controller has eth2 and eth3 interfaces and you want to restrict C-Web interface access to one or both of these interfaces.

  4. Configure logging for the C-Web interface.

    See Configuring an SRC Component to Store Log Messages in a File (SRC CLI) or Configuring System Logging (SRC CLI).

  5. (Optional) Configure user accounts to allow specified users to log in to the C-Web interface.

    Users who have privileges to log in to the SRC CLI also have privileges to log in to the C-Web interface.

    Note: Like access to the SRC CLI, we recommend that you not use root access. If you do use root access, it must be through a secure terminal on a C Series Controller.

Related Documentation