HP A-F1000-E Getting Started Manual page 32

High-end firewalls

| To do... | Use the command... | Remarks |
|---|---|---|
| Configure the authentication mode: enter the default ISP domain view | domain domain-name | Optional. By default, the AAA scheme is local. |
| Configure the authentication mode: specify the AAA scheme to be applied to the domain | authentication default { hwtacacs-scheme hwtacacs-scheme-name [ local ] \| local \| none \| radius-scheme radius-scheme-name [ local ] } | |
| Configure the authentication mode: exit to system view | quit | |
| Create a local user and enter local user view | local-user user-name | By default, no local user exists. |
| Set the local password | password { cipher \| simple } password | Required. By default, no local password is set. |
| Specify the command level of the local user | authorization-attribute level level | Optional. By default, the command level is 0. |
| Specify the service type for the local user | service-type telnet | Required. By default, no service type is specified. |
| Exit to system view | quit | - |
| Configure common settings for VTY user interfaces | - | Optional. See "Configuring common settings for VTY user interfaces (optional)." |

After you enable command authorization or command accounting, you need to perform the following configuration to make the function take effect:

- Create a HWTACACS scheme, and specify the IP address of the authorization server and other authorization parameters.
- Reference the created HWTACACS scheme in the ISP domain.

When users adopt the scheme mode to log in to the device, the level of the commands that the users can access depends on the user privilege level defined in the AAA scheme.

- When the AAA scheme is local, the user privilege level is defined by the authorization-attribute level level command.
- When the AAA scheme is RADIUS or HWTACACS, the user privilege level is configured on the RADIUS or HWTACACS server.

When you log in to the device through Telnet again:

- You are required to enter the login username and password. A prompt such as <HP> appears after you enter the correct username (for example, admin) and password and press Enter, as shown in Figure 20.
- After you enter the correct username and password, if the device prompts you to enter another password of the specified type, you will be authenticated for the second time. In other words, to pass authentication, you must enter a correct password as prompted.
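
The required steps and defaults in the local-user part of the procedure above can be checked mechanically. The following is an added example, not taken from the HP manual: it reads a list of commands and reports, for each local user, the effective command level and any required step that is missing. The sample input, user names and password values are constructed, and reporting `simple` as a finding rests on the assumption that this keyword leaves the password unencrypted in the configuration.

```python
import re
DEFAULT_LEVEL = 0  # table: "By default, the command level is 0."
# Constructed sample: the table's commands as typed, with placeholder values.
SAMPLE = """\
local-user admin
password cipher Placeholder-1
authorization-attribute level 3
service-type telnet
quit
local-user audit
password simple Placeholder-2
quit
local-user spare
service-type telnet
quit
"""

def parse_local_users(text):
    """Collect what was entered in each local user view (a view ends at quit)."""
    users, cur = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if m := re.fullmatch(r"local-user (\S+)", line):
            cur = users.setdefault(
                m.group(1), {"password": None, "level": DEFAULT_LEVEL, "services": set()})
        elif cur is None or line == "quit":
            cur = None
        elif m := re.fullmatch(r"password (cipher|simple) \S+", line):
            cur["password"] = m.group(1)
        elif m := re.fullmatch(r"authorization-attribute level (\d+)", line):
            cur["level"] = int(m.group(1))
        elif m := re.fullmatch(r"service-type (.+)", line):
            cur["services"].update(m.group(1).split())
    return users

def audit_telnet_users(text):
    """Return {user: {"level": n, "issues": [...]}} for scheme-mode Telnet login."""
    report = {}
    for name, u in parse_local_users(text).items():
        issues = []
        if u["password"] is None:
            issues.append("no local password set")
        elif u["password"] == "simple":  # assumption: simple = unencrypted form
            issues.append("password entered with simple instead of cipher")
        if "telnet" not in u["services"]:
            issues.append("service-type telnet not specified")
        report[name] = {"level": u["level"], "issues": issues}
    return report

print(audit_telnet_users(SAMPLE))
```

A user with an empty issue list has completed both required steps; the reported level is the one that applies only when the AAA scheme is local.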

This manual is also suitable for:

A-f5000
