Step

 

Command

Remarks

 

 

 

Whether local, RADIUS, or

 

 

 

HWTACACS authentication is

3.

Enable scheme

authentication-mode scheme

adopted depends on the configured

 

authentication.

AAA scheme.

 

 

 

 

 

By default, console login users are

 

 

 

not authenticated.

 

 

 

 

 

 

 

Optional.

4.

Enable command

command authorization

By default, command authorization

 

authorization.

is disabled. The commands

 

 

 

available for a user only depend on

 

 

 

the user privilege level.

 

 

 

 

 

 

 

Optional.

5.

Enable command

command accounting

By default, command accounting is

 

accounting.

disabled. The accounting server

 

 

 

does not record the commands

 

 

 

executed by users.

 

 

 

 

6.

Exit to system view.

quit

N/A

 

 

 

 

 

 

 

Optional.

 

 

a. Enter ISP domain view:

By default, local authentication is

 

 

domain domain-name

used.

 

 

b. Apply an AAA scheme to

For local authentication, configure

 

 

the domain:

local user accounts.

 

 

authentication default

For RADIUS or HWTACACS

7.

Apply an AAA

{ hwtacacs-scheme

authentication, configure the

 

authentication scheme to

hwtacacs-scheme-name

 

RADIUS or HWTACACS scheme on

 

the intended domain.

[ local ] local none

 

the device and configure

 

 

radius-scheme

 

 

authentication settings (including the

 

 

radius-scheme-name

 

 

username and password) on the

 

 

[ local ] }

 

 

server.

 

 

c. Exit to system view:

 

 

For more information about AAA

 

 

quit

 

 

configuration, see Access Control

 

 

 

 

 

 

Configuration Guide.

 

 

 

 

8.

Create a local user and

local-user user-name

By default, a local user named

 

enter local user view.

admin exists.

 

 

 

 

 

 

9.

Set an authentication

 

By default, the password for

password { cipher simple }

system-predefined user admin is

 

password for the local user.

password

admin, and no password is set for

 

 

 

any other local user.

 

 

 

 

10.

Specifies a command level

authorization-attribute level level

Optional.

 

of the local user.

By default, the command level is 0.

 

 

 

 

 

 

 

 

 

 

 

 

By default, the system-predefined

11. Specify terminal service for

 

user admin can use terminal service,

service-type terminal

Telnet service, SSH service, and

 

the local user.

 

 

Web service, and no service type is

 

 

 

 

 

 

specified for any other local user.

 

 

 

 

12.

Configure common settings

See "Configuring common console

Optional.

 

for console login.

user interface settings (optional)."

 

 

 

 

 

 

 

 

25

 

Page 31
Image 31
HP 200 Unified Threat Management (UTM) Appliance Domain domain-name, Hwtacacs-scheme-name, Radius-scheme-name, Password