338 V6100 and V7122 User GuideUsing the Secured Embedded Web ServerTo use the secured Embedded Web Server follow the next 3 steps:1 Access the V7122 using the following URL:https://[host name] or [IP address]Depending on the browser's configuration, a security warning dialog may be displayed.The reason for the warning is that the V7122 initial certificate is not trusted by your PC.The browser may allow you to install the certificate, thus skipping the warning dialog thenext time you connect to the V7122.2 If you are using Internet Explorer, click View Certificate and then Install Certificate.3 The browser also warns you if the host name used in the URL is not identical to the onelisted in the certificate. To solve this, add the IP address and host name (ACL_nnnnnnwhere nnnnnn is the serial number of the V7122) to your hosts file, located at /etc/hostson UNIX or C:\Windows\System32\Drivers\ETC\hosts on Windows; then use the hostname in the URL (e.g., https://ACL_280152). Figure 117 is an example of a host file:Figure 117 Example of a Host File# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.# Location: C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts#127.0.0.1 localhost10.31.4.47 ACL_280152Secured TelnetTo enable the embedded Telnet server on the V7122, set the parameter TelnetServerEnable(described in Table 44) to 1 (standard mode) or 2 (SSL mode); no information is transmittedin the clear when SSL mode is used.If the Telnet server is set to SSL mode, a special Telnet client is required on your PC toconnect to the Telnet interface over a secured connection; examples include C-Kermit forUNIX, Kermit-95 for Windows, and 3Com' acSSLTelnet utility for Windows (that requiresprior installation of the free OpenSSL toolkit). Contact 3Com to obtain the acSSLTelnetutility.Server Certificate ReplacementThe V7122 is supplied with a working SSL configuration consisting of a unique self-signedserver certificate. When the V7122 is upgraded to firmware version 4.6, a unique self-signedserver certificate is created. If an organizational Public Key Infrastructure (PKI) is used, youmay wish to replace this certificate with one provided by your security administrator.To replace the V7122 self-signed certificate follow the next 9 steps:1 Your network administrator should allocate a unique DNS name for the V7122 (e.g.,dns_name.corp.customer.com). This name is used to access the device, and shouldtherefore be listed in the server certificate.