HP 200 Unified Threat Management (UTM) Appliance manual

Page 95

Figure 68 Network diagram

Configuration procedure

1.On Device A, configure the local clock as the reference clock, with the stratum 2:

a.Select Device Management > System Time from the navigation tree.

b.Click Network Time Protocol.

The page for setting up NTP appears.

c.Select 127.127.1.1 from the Local Reference Source list.

d.Select 2 from the Stratum list.

e.Click Apply.

Figure 69 Configuring the local clock as the reference clock

2.On Device B, configure Device A as the NTP server of Device B:

a.Select Device Management > System Time from the navigation tree.

b.Click Network Time Protocol.

The page for setting up NTP appears.

c.Enter 1.0.1.11 in the NTP Server 1 box.

d.Click Apply.

89

Page 94 Page 96
Image 95
Page 94 Page 96
Contents HP Firewalls and UTM Devices Page Contents Page Iii Page Appearance OverviewF1000-A-EI/F1000-S-EI OverviewFront view F1000-EF5000 Aspf Firewall modules Enhanced firewall modules Firewall module for 5800 switchesUTM products U200-A front view U200-AFirewall application Application scenariosF1000-A-EI/F1000-S-EI U200-SVPN application Virtual firewall applicationF1000-E Firewall modules F5000Clound computing data center application Enhanced firewall modulesEnterprise network applicatoin Remote access applicationUTM Network diagram Login method Default setting and configuration requirements Login overviewLogin methods at a glance Login methodsUser interface assignment CLI login method and user interface matrixUser interface Login method CLI user interfacesPage Logging in through the console port for the first time Default console port propertiesParameter Default Logging in to the CLIConnection description Setting the properties of the serial port Configuring console login control settingsLast-number Configuring none authentication for console loginAuthentication Configuration tasks Reference Mode Command RemarksConfiguring scheme authentication for console login Configuring password authentication for console loginHwtacacs-scheme-name Configuration GuidePassword Domain domain-nameSpeed speed-value Configuring common console user interface settings optionalLogging in through Telnet Telnet loginDevice role Requirements Telnet server and Telnet client configuration requirementsConfiguring none authentication for Telnet login Telnetting to the device without authentication Configuring password authentication for Telnet loginPassword authentication interface for Telnet login Configuring scheme authentication for Telnet loginUser only depend on the user Step Command Remarks Configuring common VTY user interface settings optionalValue Using the device to log in to a Telnet serverCommand CharacterTo use the device to log in to a Telnet server Logging in through SSHSSH server and client requirements Configuring the SSH server on the deviceLdap-scheme-name Ssh2 server Local login through the AUX portUsing the device to log in to an SSH server Started Command ReferenceAUX login diagram Hardware Feature compatibleConfiguring none authentication for AUX login Configuring password authentication for AUX login Password authentication interface for AUX login Configuring scheme authentication for AUX loginApply the specified AAA Ip alias ip-address port-number Configuring common settings for AUX login optionalDisplay type of both the device Default AUX port properties Login procedureConnecting the AUX port to a terminal Power on the device and press Enter at the prompt Regular-expression Displaying and maintaining CLI loginTask Command Remarks Include regular-expressionSend all num1 aux console Available in user view Vty num2 Logging in to the Web interface Configuration guidelinesLogging in by using the default Web login settings Configuring Web login Adding a Web login accountWeb captcha verification-code Configuring Http loginBasic Web login configuration requirements Object RequirementsVerification-code Configuring Https loginInterface interface-type Interface-number Policy-name VPN Configuration GuideMask mask-length HttpsNetwork requirements Displaying and maintaining Web loginHttp login configuration example Configuration procedureHttps login configuration example # Create RSA local key pairs # Associate the Https service with SSL server policy myssl# Enable the Https service Configure the host Https clientConfiguring the Internet Explorer settings Troubleshooting Web browserFailure to access the device through the Web interface SymptomInternet Explorer setting Click OK in the Security Settings dialog box Configuring Firefox Web browser settingsFirefox Web browser setting Prerequisites Accessing the device through SnmpConfiguring Snmp access Configuring SNMPv3 accessNotify-view acl acl-number acl Configuring SNMPv1 or SNMPv2c accessIpv6 ipv6-acl-number See Getting Started Command Reference Priv-password acl acl-number acl ipv6 ipv6-acl-number# Configure an Snmp group Snmp login exampleStepCommand Remarks # Enable the Snmp agentPage Logging in to the firewall module from the network device Feature and hardware compatibilityLogging in to the firewall module from the network device Configuring the Acsei protocol Resetting the system of the firewall moduleAcsei startup and running Acsei timersConfiguring Acsei server on the network device Acsei starts up and runs in the following proceduresClient-id Configuring Acsei client on the firewall moduleDisplaying and maintaining Acsei server and client Network requirements# Log in to the firewall module Configuration procedure# Set the clock synchronization timer to 10 minutes # Set the monitoring timer to 10 secondsPage Overview Basic configurationPerforming basic configuration in the Web interface Click Next For basic configuration appears Basic configuration wizard-1/6Click Next For configuring service management appears Basic configuration wizard-2/6 basic informationBasic configuration wizard-3/6 service management Assign IP addresses to the interfaces Another serviceConfigure the parameters as described in Table Configuration itemsClick Next For configuring NAT appears IP/Wildcard Basic configuration wizard-6/6 Performing basic configuration at the CLIZone name zone-name id zone-id Global-nameInterface interface-type Ip address ip-address mask-length maskConfiguration Hardware Supported storage medium Configuring the device name in the Web interfaceConfiguring the device name at the CLI Managing the deviceDisplaying the current system time Configuring the system time in the Web interfaceConfiguring the system time Calendar Configuring the network timeSource Interface Configuring the time zone and daylight saving timeThis example, Device a is the firewall Date and time configuration exampleConfiguring the local clock as the reference clock Configuration guidelines Configuring the system time at the CLIDate-time ± zone-offset System time configuration resultsDate-time Zone-offsetZone-offset + Both date-time To change the system timeDate-time ± zone-offset + Summer-offsetTo set the idle timeout timer Setting the idle timeout timer in the Web interfaceSetting the idle timeout timer at the CLI Banner message input modes Configuring bannersTo enable displaying the copyright statement Enabling displaying the copyright statementTo configure banners Configuring the maximum number of concurrent usersRebooting the firewall in the Web interface Configuring the exception handling methodRebooting the device Scheduling a device reboot Rebooting the firewall at the CLIRebooting devices immediately at the CLI Comparison of non-modular and modular approaches Job configuration approachesScheduling jobs View view-name Scheduling a job in the non-modular approachScheduling a job in the modular approach Job job-name# Create a job named pc1, and enter its view Scheduled job configuration exampleTime time-id at time date command command # Display information about scheduled jobs Setting the port status detection timer# Create a job named pc2, and enter its view # Create a job named pc3, and enter its viewTo set the port status detection timer Configuring temperature thresholds for a device or a moduleConfiguring basic temperature thresholds Configuring advanced temperature thresholdsMonitoring an NMS-connected interface Clearing unused 16-bit interface indexes Interface-number begin Verifying and diagnosing transceiver modulesVerifying transceiver modules Diagnosing transceiver modulesSee Getting Started Command ReferenceDisplaying and maintaining device management Task Command Remarks Task Command Remarks User levels Configuring a local user in the Web interfaceManaging users Click Add Configure a local user, as described in Table Click ApplyItem Description Configuration exampleService type feature and hardware compatibility Configuring Telnet login control Configuring a local user at the CLIControlling user logins Ipv6-address prefix-length Configuring source IP-based Telnet login controlSource sour-addr sour-wildcard Vpn-instancevpn-instance-nameRule-string Telnet login control configuration exampleConfiguring source MAC-based Telnet login control Getting Started Configuring source IP-based Snmp login controlGroup-name acl acl-number acl ipv6 Snmp login control configuration exampleIpv6 ipv6-acl-number Read-view write-viewwrite-viewConfiguring source IP-based Web login control Configuring Web login controlUser-id user-nameuser-name Web login control configuration exampleLogging off online Web users Source sour-addr sour-wildcard N/A any time-rangeField Description Displaying online usersConvention Description Using the CLICommand conventions Command conventionsCLI views Using the undo form of a commandReturning to user view from any other view Task CommandEntering system view from user view Returning to the upper-level view from any viewAccessing the CLI online help Command line editing keys Entering a commandEditing a command line Abbreviating commandsUsage guidelines Configuring and using command keyword aliasesConfiguring and using hotkeys To configure a command keyword aliasHotkey Function Enabling redisplaying entered-but-not-submitted commandsSystem-reserved hotkeys Error message Cause Understanding command-line error messagesUsing the command history function Common command-line error messagesControlling the CLI output Viewing history commandsSetting the command history buffer size for user interfaces Pausing between screens of outputCharacter Meaning Examples Filtering the output from a display commandSpecial characters supported in a regular expression Matches character1character2 Contain stringstring. string1string2\2 repeatsString1string2string2. string1string2\1\2 String1string2string1string2A being character2, but does not match 2a Configuring user privilege and command levelsLevel Privilege Default set of commands Configuring a user privilege levelCommand levels and user privilege levels Last-num1 vty first-num2 Last-num2 Management and MaintenanceBy default, the user privilege level Switching the user privilege level Information, see Access Control Configuration Guide Privilege level switching authentication modesAuthentication mode Keywords Description Information required for user privilege level switching Switching to a higher user privilege levelView command Saving the running configurationChanging the level of a command To change the level of a commandRelated information Support and other resourcesContacting HP GUI conventions Command conventionsSymbols ConventionsPort numbering in examples Network topology iconsIndex 144
Related manuals
Manual 3 pages 45.38 Kb
Top Page Image Contents