Access

About

What is Access?

The Access screen provides access to the access information of the TR7 ASP device's web management, SNMP file, and the TR7 json files required for Grafana and Prometheus software. The default access ports for TR7 ASP devices are 80, 443, and 22. These port numbers can be changed on the Access screen. Multiple IP addresses and port numbers can be defined for accessing the web interface and console access (SSH) of the server.

Additional Information

In TR7 ASP devices that work as a cluster, there is no need to separately configure Access settings. Changes made to the interface of the selected TR7 ASP device as the 1st device automatically apply to the 2nd TR7 ASP device.

Interface

Access Screen

"Settings > Device Management > Access" the access credentials for the TR7 ASP device are displayed by following the step.

Access Form Standalone Device

Access Form Cluster Device

- Button Details

Edit

Clicking the Edit button allows you to modify the Access settings.

Access Editing Form

- HTTP

Here, you can select the IP address or addresses that will be used for accessing the TR7 ASP web interface via HTTP (Port 80). The port number defaults to 80 and can be changed if desired. The listed IP addresses here are the ones defined in the "Network > Interfaces" screen.

The descriptions of IP addresses for Cluster TR7 ASP devices are provided below.

The descriptions of IP addresses for non-clustered TR7 ASP devices are provided below.

- HTTPS

Here, you can select the IP address or addresses that will be used for accessing the TR7 ASP web interface via HTTPS (Port 443). The port number defaults to 443 and can be changed if desired. The listed IP addresses here are the ones defined in the "Network > Interfaces" screen.

- HTTPS Certificate

You can choose the certificate to be displayed when connecting via HTTPS. TR7 ASP devices come with embedded certificates by default. The certificates added in the "Certificate > Certificates" step are listed here.

- HTTP(s) TR7 Idle Session Time

Select the duration for which a logged-in user's session will remain open on the TR7 ASP management interface without any activity. Users will be redirected to the login page if they do not perform any actions within the specified time.

This is the duration during which incorrect login attempts made in accordance with the Max. failed login per IP and Max. failed login per IP & username tabs will be quarantined. During this period, login attempts from the relevant IP addresses or usernames are not allowed.

Sets the limit for incorrect login attempts based on IP. IP addresses making requests above the limit will be quarantined.

Sets the limit for incorrect login attempts based on IP and username. IP addresses and usernames making requests above the limit will be quarantined.

- API Access Filter (Beta)

Please contact TR7 Support Team for details.

- SSH

Here, you can select the IP address or addresses that will be used for accessing the TR7 ASP web interface via SSH (Port 22). The port number defaults to 22 and can be changed if desired. The listed IP addresses here are the ones defined in the "Network > Interfaces" screen.

- SSH Idle Session Time

Select the duration during which the session of a user who has logged into the TR7 ASP server via SSH will remain open on the console screen without any activity. SSH connections will time out after the specified time if users do not perform any actions.

- FTP

It is used to activate the FTP service. The IP address or addresses to be used for access via FTP are selected. The port number is 21 by default. The port number can also be changed if desired. The IP addresses listed here are the IP addresses defined on the "Network > Interfaces" screen. With the FTP service, information such as log files and backup files of the system can be received by different clients or systems at desired periods.

- FTP Passive Port Range

The designated passive ports of each IP address selected for the FTP service are used by TR7.

- SNMP

SNMP is enabled by selecting the vDevice for sending SNMP Traps, selecting the relevant IP address, and entering the port information.

SNMPd v1SNMPd v2SNMPd v3

Select SNMPv1 to send SNMP Traps.

SNMP v2 is selected to send SNMP Trap and the Community Name is entered.

SNMP v3 is selected to send SNMP Trap and Username-Password information is entered.

- Prometheus allowed networks

The networks where Prometheus data will be used are entered.

- System Users

This is the section where the SSH and FTP users of the system are configured. Operations such as enabling, disabling users and assigning passwords can be performed.

- setup

User type that can perform initial setup and network interface configuration on the device.

- network

User type that can use various system tools (arp, ping, tcpdump, curl, etc.) over the device network.

- admin

User type that can perform basic management operations on the device (such as updating, taking/applying, service management, etc.).

- log

FTP user who can access files and folders containing vService and user logs as read-only.

- config_backup

FTP user who can access configuration backup files on the device as read-only.

- lists

FTP user with read/write access to external list files that can be used in conditions.

- ip_intelligence

FTP user who can view the IP intelligence database file (iprep_blacklist.txt) as read-only and edit device-based IP lists.

- update

FTP user with read/write access to files containing device update packages.

- Edit

Clicking the Edit button allows you to save the changes made.

- SNMP Files

Download the SNMP MIB file.

- Grafana Files

View the json content required for Grafana and Prometheus integration in a new tab.