F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

241

242

243

244

245

246

247

248

249

250

235

237BLocal authentication/authorization for Telnet/FTP users

The configuration of local authentication and authorization for FTP users is similar to that for Telnet users.

This example describes the configuration of Telnet users.

466BNetwork requirements

As shown in 758HFigure 146, configure the firewall to perform local authentication and authorization for Telnet

users.

Figure 146 Network diagram

467BConfiguration procedure

1. Configure the firewall:

# Assign an IP address to interface GigabitEthernet 0/1, the Telnet user access interface.

<Firewall> system-view

[Firewall] interface gigabitethernet 0/1

[Firewall-GigabitEthernet0/1] ip address 192.168.1.70 255.255.255.0

[Firewall-GigabitEthernet0/1] quit

# Enable the Telnet server on the device.

[Firewall] telnet server enable

# Configure the firewall to use AAA for Telnet users.

[Firewall] user-interface vty 0 4

[Firewall-ui-vty0-4] authentication-mode scheme

[Firewall-ui-vty0-4] quit

# Create local user named telnet.

[Firewall] local-user telnet

[Firewall-luser-telnet] service-type telnet

[Firewall-luser-telnet] password simple aabbcc

[Firewall-luser-telnet] quit

# Configure the AAA methods for the ISP domain as local authentication and authorization.

[Firewall] domain system

[Firewall-isp-system] authentication login local

[Firewall-isp-system] authorization login local

[Firewall-isp-system] quit

2. Verify the configuration.

A user can Telnet to the user interface of the firewall by using username telnet@system and correct

password.

# Use the display connection command to view the connection information on the firewall.

[Firewall] display connection

Index=1 ,Username=telnet@system

IP=192.168.1.58

IPv6=N/A