HP 200 Unified Threat Management (UTM) Appliance manual Configuring the system time at the CLI

Page 96

Figure 70 Configuring Device A as the NTP server of Device B

3.Verifying the configuration

After the configuration, you can see that the current system time displayed on the System Time page is the same for Device A and Device B.

Configuration guidelines

A device can act as a server to synchronize the clock of other devices only after its clock has been synchronized. If the clock of a server has a stratum level higher than or equal to that of a client's clock, the client will not synchronize its clock to the server's.

The synchronization process takes a period of time. Therefore, the clock status may be unsynchronized after your configuration. In this case, you can refresh the page to view the clock status later on.

If the system time of the NTP server is ahead of the system time of the device, and the difference between them exceeds the Web idle time specified on the device, all online Web users are logged out because of timeout.

Configuring the system time at the CLI

You must synchronize your device with a trusted time source by using NTP or changing the system time before you run it on the network. Network management depends on an accurate system time setting, because the timestamps of system messages and logs use the system time. For NTP configuration, see Network Management and Monitoring Configuration Guide.

In a small-sized network, you can manually set the system time of each device.

IMPORTANT:

If you reboot the device, the system time and date are restored to the factory default. To ensure an accurate system time setting, you must change the system time and date or configure NTP for the device.

90

Image 96
Contents HP Firewalls and UTM Devices Page Contents Page Iii Page Overview F1000-A-EI/F1000-S-EIOverview AppearanceF1000-E Front viewF5000 Aspf Firewall modules Firewall module for 5800 switches Enhanced firewall modulesUTM products U200-A U200-A front viewApplication scenarios F1000-A-EI/F1000-S-EIU200-S Firewall applicationVirtual firewall application VPN applicationF1000-E F5000 Firewall modulesEnhanced firewall modules Clound computing data center applicationRemote access application Enterprise network applicatoinUTM Network diagram Login overview Login methods at a glanceLogin methods Login method Default setting and configuration requirementsCLI login method and user interface matrix User interface Login methodCLI user interfaces User interface assignmentPage Default console port properties Parameter DefaultLogging in to the CLI Logging in through the console port for the first timeConnection description Configuring console login control settings Setting the properties of the serial portConfiguring none authentication for console login Authentication Configuration tasks Reference ModeCommand Remarks Last-numberConfiguring password authentication for console login Configuring scheme authentication for console loginConfiguration Guide PasswordDomain domain-name Hwtacacs-scheme-nameConfiguring common console user interface settings optional Speed speed-valueTelnet login Logging in through TelnetTelnet server and Telnet client configuration requirements Device role RequirementsConfiguring none authentication for Telnet login Configuring password authentication for Telnet login Telnetting to the device without authenticationConfiguring scheme authentication for Telnet login Password authentication interface for Telnet loginUser only depend on the user Configuring common VTY user interface settings optional Step Command RemarksUsing the device to log in to a Telnet server CommandCharacter ValueLogging in through SSH To use the device to log in to a Telnet serverConfiguring the SSH server on the device SSH server and client requirementsLdap-scheme-name Local login through the AUX port Using the device to log in to an SSH serverStarted Command Reference Ssh2 serverHardware Feature compatible AUX login diagramConfiguring none authentication for AUX login Configuring password authentication for AUX login Configuring scheme authentication for AUX login Password authentication interface for AUX loginApply the specified AAA Configuring common settings for AUX login optional Ip alias ip-address port-numberDisplay type of both the device Login procedure Default AUX port propertiesConnecting the AUX port to a terminal Power on the device and press Enter at the prompt Displaying and maintaining CLI login Task Command RemarksInclude regular-expression Regular-expressionSend all num1 aux console Available in user view Vty num2 Configuration guidelines Logging in by using the default Web login settingsLogging in to the Web interface Adding a Web login account Configuring Web loginConfiguring Http login Basic Web login configuration requirementsObject Requirements Web captcha verification-codeConfiguring Https login Interface interface-type Interface-numberVerification-code VPN Configuration Guide Policy-nameHttps Mask mask-lengthDisplaying and maintaining Web login Http login configuration exampleConfiguration procedure Network requirementsHttps login configuration example # Associate the Https service with SSL server policy myssl # Enable the Https serviceConfigure the host Https client # Create RSA local key pairsTroubleshooting Web browser Failure to access the device through the Web interfaceSymptom Configuring the Internet Explorer settingsInternet Explorer setting Configuring Firefox Web browser settings Click OK in the Security Settings dialog boxFirefox Web browser setting Accessing the device through Snmp Configuring Snmp accessConfiguring SNMPv3 access PrerequisitesConfiguring SNMPv1 or SNMPv2c access Ipv6 ipv6-acl-number See Getting Started Command ReferencePriv-password acl acl-number acl ipv6 ipv6-acl-number Notify-view acl acl-number aclSnmp login example StepCommand Remarks# Enable the Snmp agent # Configure an Snmp groupPage Feature and hardware compatibility Logging in to the firewall module from the network deviceLogging in to the firewall module from the network device Resetting the system of the firewall module Configuring the Acsei protocolAcsei timers Configuring Acsei server on the network deviceAcsei starts up and runs in the following procedures Acsei startup and runningConfiguring Acsei client on the firewall module Displaying and maintaining Acsei server and clientNetwork requirements Client-idConfiguration procedure # Set the clock synchronization timer to 10 minutes# Set the monitoring timer to 10 seconds # Log in to the firewall modulePage Basic configuration Performing basic configuration in the Web interfaceOverview Basic configuration wizard-1/6 Click Next For basic configuration appearsBasic configuration wizard-2/6 basic information Click Next For configuring service management appearsBasic configuration wizard-3/6 service management Another service Assign IP addresses to the interfacesConfiguration items Click Next For configuring NAT appearsConfigure the parameters as described in Table IP/Wildcard Performing basic configuration at the CLI Basic configuration wizard-6/6Global-name Interface interface-typeIp address ip-address mask-length mask Zone name zone-name id zone-idConfiguration Configuring the device name in the Web interface Configuring the device name at the CLIManaging the device Hardware Supported storage mediumConfiguring the system time in the Web interface Configuring the system timeDisplaying the current system time Configuring the network time CalendarConfiguring the time zone and daylight saving time Source InterfaceDate and time configuration example This example, Device a is the firewallConfiguring the local clock as the reference clock Configuring the system time at the CLI Configuration guidelinesSystem time configuration results Date-timeZone-offset Date-time ± zone-offsetZone-offset + To change the system time Date-time ± zone-offset +Summer-offset Both date-timeSetting the idle timeout timer in the Web interface Setting the idle timeout timer at the CLITo set the idle timeout timer Configuring banners To enable displaying the copyright statementEnabling displaying the copyright statement Banner message input modesConfiguring the maximum number of concurrent users To configure bannersConfiguring the exception handling method Rebooting the deviceRebooting the firewall in the Web interface Rebooting the firewall at the CLI Rebooting devices immediately at the CLIScheduling a device reboot Job configuration approaches Scheduling jobsComparison of non-modular and modular approaches Scheduling a job in the non-modular approach Scheduling a job in the modular approachJob job-name View view-nameScheduled job configuration example Time time-id at time date command command# Create a job named pc1, and enter its view Setting the port status detection timer # Create a job named pc2, and enter its view# Create a job named pc3, and enter its view # Display information about scheduled jobsConfiguring temperature thresholds for a device or a module Configuring basic temperature thresholdsConfiguring advanced temperature thresholds To set the port status detection timerMonitoring an NMS-connected interface Clearing unused 16-bit interface indexes Verifying and diagnosing transceiver modules Verifying transceiver modulesDiagnosing transceiver modules Interface-number beginCommand Reference Displaying and maintaining device managementSee Getting Started Task Command Remarks Task Command Remarks Configuring a local user in the Web interface Managing usersUser levels Configure a local user, as described in Table Click Apply Click AddConfiguration example Service type feature and hardware compatibilityItem Description Configuring a local user at the CLI Controlling user loginsConfiguring Telnet login control Configuring source IP-based Telnet login control Source sour-addr sour-wildcardVpn-instancevpn-instance-name Ipv6-address prefix-lengthTelnet login control configuration example Configuring source MAC-based Telnet login controlRule-string Configuring source IP-based Snmp login control Getting StartedSnmp login control configuration example Ipv6 ipv6-acl-numberRead-view write-viewwrite-view Group-name acl acl-number acl ipv6Configuring Web login control Configuring source IP-based Web login controlWeb login control configuration example Logging off online Web usersSource sour-addr sour-wildcard N/A any time-range User-id user-nameuser-nameDisplaying online users Field DescriptionUsing the CLI Command conventionsCommand conventions Convention DescriptionUsing the undo form of a command CLI viewsTask Command Entering system view from user viewReturning to the upper-level view from any view Returning to user view from any other viewAccessing the CLI online help Entering a command Editing a command lineAbbreviating commands Command line editing keysConfiguring and using command keyword aliases Configuring and using hotkeysTo configure a command keyword alias Usage guidelinesEnabling redisplaying entered-but-not-submitted commands System-reserved hotkeysHotkey Function Understanding command-line error messages Using the command history functionCommon command-line error messages Error message CauseViewing history commands Setting the command history buffer size for user interfacesPausing between screens of output Controlling the CLI outputFiltering the output from a display command Special characters supported in a regular expressionCharacter Meaning Examples Contain stringstring. string1string2\2 repeats String1string2string2. string1string2\1\2String1string2string1string2 Matches character1character2Configuring user privilege and command levels A being character2, but does not match 2aConfiguring a user privilege level Command levels and user privilege levelsLevel Privilege Default set of commands Management and Maintenance Last-num1 vty first-num2 Last-num2By default, the user privilege level Switching the user privilege level Privilege level switching authentication modes Authentication mode Keywords DescriptionInformation, see Access Control Configuration Guide Switching to a higher user privilege level Information required for user privilege level switchingSaving the running configuration Changing the level of a commandTo change the level of a command View commandSupport and other resources Contacting HPRelated information Command conventions SymbolsConventions GUI conventionsNetwork topology icons Port numbering in examplesIndex 144
Related manuals
Manual 3 pages 45.38 Kb