Appliance Administration: Restrict Accounts, Networks, and Ports, Set Up Syslog, Enable Login Agreement, Reset Admin Account
Manage access to /appliance administrative interface accounts by setting how many failed logins are allowed. Set how long an account is locked out after passing the failed login limit. Also, set the number of days a password may be used before expiration and restrict reuse of previously used passwords.
You can restrict access to your appliance’s administrative interface by setting network addresses that are or are not allowed and by selecting the ports through which this interface will be accessible.
In the Accepted Addresses field, define IP addresses or networks that will always be granted access to /appliance. In Rejected Addresses, define IP addresses or networks that will always be denied access to /appliance. Use the Default Action dropdown to determine whether to accept or to reject IP addresses and networks not listed in either of the above fields. In the case of overlap, the most specific match takes precedence.
If, for example, you want to allow access to 10.10.0.0/16 but reject access to 10.10.16.0/24 and reject access from anywhere else, you would enter 10.10.0.0/16 in the Accepted Addresses field, enter 10.10.16.0/24 in the Rejected Addresses field, and set the Default Action to Reject.
The Bomgar Appliance can be configured to run a STUN service on UDP port 3478 to help facilitate peer-to-peer connections between Bomgar clients. Check the Enable local STUN Service box to use this functionality.
You can configure your appliance to send log messages to up to ten syslog servers
Note: Syslog over TLS defaults to TCP port 6514.
Note: When changing or adding a syslog server, an alert is emailed to the administrator's email address. The administrator's information is configured at Security > Email Configuration > Security :: Admin Contact.
For a detailed syslog message reference, see the Syslog Message Reference Guide at Syslog Message Reference Guide .
You can enable a login agreement that users must accept before accessing the /appliance administrative interface. The configurable agreement allows you to specify restrictions and internal policy rules before users are allowed to log in.
You can choose to select Reset Admin Account, which will restore a site’s administrative username and password to the default should the login be forgotten or need to be replaced.