3Com VCX V7122 SIP VoIP Gateway User Manual42Password ControlThe Embedded Web Server is protected by a unique username and password combination.The first time a browser request is made, the User is requested to provide his username andpassword to obtain access. Subsequent requests are negotiated by the browser on behalf ofthe User, so that the User doesn’t have to re-enter the username and password for eachrequest, but the request is still authenticated (the Embedded Web Server uses the MD5authentication method supported by the HTTP 1.1 protocol).An additional level of protection is obtained by a restriction that no more than three IPaddresses can access the Embedded Web Server concurrently. With this approach, a fourthUser is told that the server is busy, even if the correct username and password wereprovided.Embedded Web Server Username and PasswordThe default username and password for all gateways are: Username = “Admin” (case-sensitive) Password = “Admin” (case-sensitive)For details on changing the username and password, see Changing the VCX V7122Username and Password on page 75. Note that the password and username can be amaximum of 7 case-sensitive characters.The User can reset the Web username and password (to the default values) by enabling anini file parameter called ‘ResetWebPassword’. The Web password is automatically thedefault password.Configuring the Web Interface via the ini FileTwo additional security preferences can be configured using ini file parameters. Thesesecurity levels provide protection against unauthorized access (such as Internet hackerattacks), particularly to Users without a firewall. For information on the ini file see Chapter 6:ini File Configuration of the VCX V7122 on page 91.Limiting the Embedded Web Server to Read-Only ModeUsers can limit the Web Interface to read-only mode by changing the ini file parameter‘DisableWebConfig’ to 1. In this mode all Web screens are read-only and cannot bemodified. In addition, the following screens cannot be accessed: ‘Quick Setup’, ‘ChangePassword’, ’Reset‘, ‘Save Configuration‘, ‘Software Upgrade Wizard’, ‘Load Auxiliary Files’,‘Configuration File’ and ‘Regional Settings’.Disabling the Embedded Web ServerTo deny access to the gateway through HTTP protocol, the User can disable the EmbeddedWeb Server task. To disable the Web task, use the ini file parameter ‘DisableWebTask = 1’.The default is to Web task enabled.Accessing the Embedded Web ServerTo access the Embedded Web Server, follow these steps: