Allow the Edge SSL certificate to be replaced

RayPesek · #1 (**permalink**) 2006-10-06

The Edge "hotspot" feature is nice as long as you force SSL to protect the traffic. Unfortunately it uses a self-signed certificate and there's no way to install a real certificate.

We train our users to not use sites with self-signed certificates, so we cannot offer the hotspot feature, which we really want to do.

We never use https://my.vpn, my.firewall or my.hotspot, so we don't really care about the certificate mismatch it would cause. We would use a certificate of hotspot.ourcompany.com for the Edge if we could do it.

Ray

melipla · #2 (**permalink**) 2006-10-09

Good one.

I vote for configurable MAC Addresses for Edge interfaces. Last code rev I checked, LAN1 LAN2 LAN3 LAN4 all used the same MAC.

chillyjim · #3 (**permalink**) 2006-10-11

Quote:

Originally Posted by melipla

I vote for configurable MAC Addresses for Edge interfaces. Last code rev I checked, LAN1 LAN2 LAN3 LAN4 all used the same MAC.

LAN1-4 is a switch not seperate interfaces so they all have the same MAC (that of the switch).

melipla · #4 (**permalink**) 2006-10-12

Quote:

Originally Posted by chillyjim

LAN1-4 is a switch not seperate interfaces so they all have the same MAC (that of the switch).

Hence the feedback for them to have seperate MAC addreses....

Inside the Edge web-based configuration they look like seperate interfaces, not only in their labeling but regarding which VLAN they're in. Normal switches are able to have different MACs on their interfaces.

chillyjim · #5 (**permalink**) 2006-10-13

Minor Rant

This is where the definition of a switch has changed. A switch port is is a bridge and and in-and-of itself doesn't have a MAC address, a manageable switch will have a MAC (so you can telent and the like to it). Now we have this concept of a layer-3 switch, which is switch/router combination and a port may act as a routed port and as such needs a MAC address.

Most of this terminology problems are directly Cisco's fault. Cisco even has a different definition for a router and bridge than what they were when we started (Bridges connect two or more physical networks, routers connect two or more logical networks. Cisco routers are brouters, bridging-routers)

/Rant (A sore point of mine)

chillyjim · #6 (**permalink**) 2006-10-13

Quote:

Originally Posted by RayPesek

The Edge "hotspot" feature is nice as long as you force SSL to protect the traffic. Unfortunately it uses a self-signed certificate and there's no way to install a real certificate.

VPN->Certificate->Install Certificate

RayPesek · #7 (**permalink**) 2006-10-14

Thanks. Will that let you select which certificate you want to replace? Seems to me there's my.firewall, my.vpn and my.hotspot certificates, but my memory could be faulty (again).

I'll poke around with that next week and let you onow how it goes.

Ray

chillyjim · #8 (**permalink**) 2006-10-17

Quote:

Originally Posted by RayPesek

Thanks. Will that let you select which certificate you want to replace? Seems to me there's my.firewall, my.vpn and my.hotspot certificates, but my memory could be faulty (again).

There is only one from what i'm told.

Quote:

I'll poke around with that next week and let you onow how it goes.

Ray

Please do.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode