Step

 

Command

Remarks

4. Enter one or multiple VTY user

user-interface vty first-number

N/A

 

 

interface views.

[ last-number ]

 

 

 

 

 

 

 

 

5.

 

Enable scheme

 

By default, the authentication

 

authentication-mode scheme

mode for VTY user interfaces is

 

 

authentication.

 

 

 

scheme.

 

 

 

 

 

 

 

 

6.

Enable the user interfaces to

 

Optional.

 

 

support Telnet, SSH, or both

protocol inbound { all ssh }

By default, both Telnet and SSH

 

 

of them.

 

are supported.

 

 

 

 

 

 

 

 

 

 

 

 

 

Optional.

7.

 

Enable command

command authorization

By default, command authorization

 

 

authorization.

is disabled. The commands

 

 

 

 

available for a user only depend

 

 

 

 

on the user privilege level.

 

 

 

 

 

 

 

 

 

Optional.

8.

 

Enable command accounting.

command accounting

By default, command accounting is

 

disabled. The accounting server

 

 

 

 

does not record the commands

 

 

 

 

executed by users.

 

 

 

 

 

9.

 

Exit to system view.

quit

N/A

 

 

 

 

 

 

 

 

a. Enter the ISP domain view:

 

 

 

 

domain domain-name

Optional.

 

 

 

b. Apply the specified AAA

For local authentication, configure

 

 

 

scheme to the domain:

local user accounts.

 

 

 

authentication default

For RADIUS or HWTACACS

 

 

 

{ hwtacacs-scheme

 

 

 

authentication, configure the

10.

 

Apply an AAA authentication

hwtacacs-scheme-name

 

RADIUS or HWTACACS scheme

 

 

scheme to the intended

[ local ] ldap-scheme

 

 

on the device and configure

 

 

domain.

ldap-scheme-name

 

 

authentication settings (including

 

 

 

[ local ] local none

 

 

 

the username and password) on

 

 

 

radius-scheme

 

 

 

the server.

 

 

 

radius-scheme-name

 

 

 

For more information about AAA

 

 

 

[ local ] }

 

 

 

configuration, see Access Control

 

 

 

c. Exit to system view:

 

 

 

Configuration Guide.

 

 

 

quit

 

 

 

 

 

 

 

 

 

11.

 

Create a local user and enter

local-user user-name

By default, a local user named

 

 

local user view.

admin exists.

 

 

 

 

 

 

 

 

12.

Set a password for the local

 

By default, the password for

password { cipher simple }

system-predefined user admin is

 

 

user.

password

admin, and no password is set for

 

 

 

 

any other local user.

 

 

 

 

 

13.

 

Specify the command level of

authorization-attribute level level

Optional.

 

 

the user.

By default, the command level is 0.

 

 

 

 

 

 

 

 

 

 

 

 

37

Page 43
Image 43
HP 200 Unified Threat Management (UTM) Appliance manual Last-number, Ldap-scheme-name