This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>
Distance Education
National Research and Education Network
Education Cloud Data Center
Campus Network
Smart Experience
Smart Decision-Making
Smart Architecture
eHospital
Regional Health
Multi-Channel HD Telemedicine Solution
Over The Top/Multi-Tenant Data Center (OTT/MTDC)
Internet Exchange Point (IXP)
Internet Access Provider (IAP)
Individual Requirements
Design & Simulation
Planning & Analytics
Digital Production
After-Sales Services
Oil & Gas IoT
Digital pipeline
HPC & Operations Management
Digital Railway
Digital Urban Rail
Smart Aviation
Retail Cloud Platform
Documentation Software Download Knowledge Base Bulletins Multimedia Portal Community Online Courses Multilingual Documents
Enterprise Network
Enterprise Data Center
Intelligent Computing
Enterprise Cloud Communications
Network Management System
Enterprise Wireless
Network Energy
By Industry
ISP
Education
Public Safety
Transportation
By Application
Enterprise Network
Buy from Huawei
If you want to get more information about your project, you can submit your information and we will contact you as soon as possible.
If your company has signed an eDeal contract with Huawei, please buy your required product/solution via the link below.
Buy from resellers
Search for a nearby reseller and get direct contact information.
Locator
Become a Partner
Resources and Support
Product
Solution
Industry
Others
Huawei Certification
Huawei Training
Huawei Authorized Learning Partner
Huawei Authorized Information and Network Academy
There is a problem with the N2510 tool. The server is well installed and the customer can join and connect to it with ‘ssh’.
But it’s impossible to connect via the GUI.
Got the general information about the customer’s system and found out that the customer is using software version V200R016, he can’t login via web and that the port is well listened as described below:
vma-prdnms-33:~# netstat -anp | grep 8081
tcp 0 0:::8081 :::* LISTEN 29348/java
The root cause is linked to the Internet browser. The customer used a low security key (cipher ) on the server. This default cipher is not adapted to the browser. Proposed to the client a higher encryption mode with a stronger encryption protocol, as seen below in the “Solution” chapter. This is a well-known issue for the N2510 tool.
1. Stop the web client service of N2510.
# su - nmsuser
# svc_adm -cmd
stopsvc las_web
# exit
2. To backup the old configuration file server.xml
# cd
/opt/n2510/server/tomcat/conf
# ls -l
(record the file operation rights)
# cp -f server.xml
/opt/n2510/server/server.xml.bk
3. Change ciphers of “server.xml” file.
Find the ciphers in the file.(it is likely at Line 90 like this):
ciphers="SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
Replace the content
with the following contents:
ciphers="SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384,SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256,SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
note: after modify,
make sure the server.xml operation right and ownership are the same as before.
4.
Start the web client service of N2510 .
# su - nmsuser
# svc_adm -cmd
startsvc las_web
# exit
Rollback solution:
back off ciphers configuration according to backup file:
/opt/n2510/server/server.xml.bk
END
Author : a84084336
Document ID: EKB1001268287
Fault Type :
Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.