Step

 

Command

Remarks

3.

Enter one or multiple

user-interface vty first-number

N/A

 

VTY user interface views.

[ last-number ]

 

 

 

 

 

 

 

 

 

Whether local, RADIUS, or

 

 

 

HWTACACS authentication is adopted

4.

Enable scheme

authentication-mode scheme

depends on the configured AAA

 

authentication.

scheme.

 

 

 

 

 

By default, local authentication is

 

 

 

adopted.

 

 

 

 

 

 

 

Optional.

5.

Enable command

command authorization

By default, command authorization is

 

authorization.

disabled. The commands available for

 

 

 

a user only depend on the user

 

 

 

privilege level.

 

 

 

 

 

 

 

Optional.

6.

Enable command

command accounting

By default, command accounting is

 

accounting.

disabled. The accounting server does

 

 

 

not record the commands executed by

 

 

 

users.

 

 

 

 

7.

Exit to system view.

quit

N/A

 

 

 

 

 

 

a. Enter ISP domain view:

Optional.

 

 

domain domain-name

By default, local authentication is used.

 

 

b. Apply an AAA scheme to

For local authentication, configure

 

 

the domain:

local user accounts.

 

 

authentication default

For RADIUS or HWTACACS

8.

Apply an AAA

{ hwtacacs-scheme

authentication, configure the RADIUS

 

authentication scheme to

hwtacacs-scheme-name

 

or HWTACACS scheme on the device

 

the intended domain.

[ local ] local none

 

and configure authentication settings

 

 

radius-scheme

 

 

(including the username and

 

 

radius-scheme-name

 

 

password) on the server.

 

 

[ local ] }

 

 

For more information about AAA

 

 

c. Exit to system view:

 

 

configuration, see Access Control

 

 

quit

 

 

Configuration Guide.

 

 

 

 

 

 

 

9.

Create a local user and

local-user user-name

By default, a local user named admin

 

enter local user view.

exists.

 

 

 

 

 

 

 

 

 

By default, the password for

10.

Set a password.

password { cipher simple }

system-predefined user admin is

password

admin, and no password is set for any

 

 

 

 

 

other local user.

 

 

 

 

11.

Specify the command

authorization-attribute level level

Optional.

 

level of the local user.

By default, the command level is 0.

 

 

 

 

 

 

 

 

 

 

 

 

By default, the system-predefined user

12. Specify Telnet service for

 

admin can use terminal service, Telnet

service-type telnet

service, SSH service, and Web service,

 

the local user.

 

 

and no service type is specified for any

 

 

 

 

 

 

other local user.

 

 

 

 

13.

Exit to system view.

quit

N/A

 

 

 

 

 

 

32

 

Page 38
Image 38
HP 200 Unified Threat Management (UTM) Appliance manual User only depend on the user