F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

Total 1 connection(s) matched.
Level switching authentication for Telnet users by a RADIUS server
Network requirements
As shown in Figure 147, configure the firewall to:
• Use local authentication for the Telnet user and assign the privilege level of 0 to the user when the user passes authentication.
• Use the RADIUS server for level switching authentication of the Telnet user. If the RADIUS server is not available, use local authentication.
Figure 147 Network diagram
Configuration considerations
1. Configure the firewall to use AAA, specifically local authentication, for Telnet users:
○ Create ISP domain bbb and configure it to use local authentication for Telnet users.
○ Create a local user account, configure the password, and assign the privilege level that the user has after login.
2. On the firewall, configure the authentication method for user privilege level switching:
○ Configure the firewall to use RADIUS authentication for users switching from a lower level to a higher level and, if RADIUS authentication is not available, to use local authentication.
○ Configure RADIUS scheme rad and assign an IP address to the RADIUS server. Set the shared keys for secure RADIUS communication and specify that usernames sent to the RADIUS server carry no domain name. Configure the domain to use RADIUS scheme rad for user privilege level switching authentication.
○ Configure the password for local user privilege level switching authentication.
3. On the RADIUS server, add the username and password for user privilege level switching authentication.
Configuration procedure
1. Configure the firewall:
# Configure the IP address of GigabitEthernet 0/1, through which the Telnet user accesses the
firewall.
<Firewall> system-view