HP Firewall 31

Step		Command	Remarks
			Whether local, RADIUS, or
			HWTACACS authentication is
3.	Enable scheme	authentication-mode scheme	adopted depends on the configured
	authentication.	authentication-mode scheme	AAA scheme.
	authentication.		AAA scheme.
			By default, console login users are
			not authenticated.

			Optional.
4.	Enable command	command authorization	By default, command authorization
	authorization.	command authorization	is disabled. The commands
			available for a user only depend on
			the user privilege level.

			Optional.
5.	Enable command	command accounting	By default, command accounting is
	accounting.	command accounting	disabled. The accounting server
			does not record the commands
			executed by users.

6.	Exit to system view.	quit	N/A

			Optional.
		a. Enter ISP domain view:	By default, local authentication is
		domain domain-name	used.
		b. Apply an AAA scheme to	For local authentication, configure
		the domain:	local user accounts.
		authentication default	For RADIUS or HWTACACS
7.	Apply an AAA	{ hwtacacs-scheme	For RADIUS or HWTACACS
7.	Apply an AAA	{ hwtacacs-scheme	authentication, configure the
	authentication scheme to	hwtacacs-scheme-name	authentication, configure the
	authentication scheme to	hwtacacs-scheme-name	RADIUS or HWTACACS scheme on
	the intended domain.	[ local ] local none	RADIUS or HWTACACS scheme on
	the intended domain.	[ local ] local none	the device and configure
		radius-scheme	the device and configure
		radius-scheme	authentication settings (including the
		radius-scheme-name	authentication settings (including the
		radius-scheme-name	username and password) on the
		[ local ] }	username and password) on the
		[ local ] }	server.
		c. Exit to system view:	server.
		c. Exit to system view:	For more information about AAA
		quit	For more information about AAA
		quit	configuration, see Access Control
			configuration, see Access Control
			Configuration Guide.

8.	Create a local user and	local-user user-name	By default, a local user named
	enter local user view.	local-user user-name	admin exists.
	enter local user view.		admin exists.

9.	Set an authentication		By default, the password for
9.	Set an authentication	password { cipher simple }	system-predefined user admin is
	password for the local user.	password	admin, and no password is set for
			any other local user.

10.	Specifies a command level	authorization-attribute level level	Optional.
	of the local user.	authorization-attribute level level	By default, the command level is 0.
	of the local user.


			By default, the system-predefined
11. Specify terminal service for			user admin can use terminal service,
11. Specify terminal service for		service-type terminal	Telnet service, SSH service, and
	the local user.	service-type terminal	Telnet service, SSH service, and
	the local user.		Web service, and no service type is
			Web service, and no service type is
			specified for any other local user.

12.	Configure common settings	See "Configuring common console	Optional.
	for console login.	user interface settings (optional)."	Optional.
	for console login.	user interface settings (optional)."

		25