Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
271272273274275276277278279280
269
Figure 175 Configuring the ISP domain to use local authorization
5. In the CLI, enable the Telnet service, and configure VTY interfaces 0 through 4 to use AAA for
users.
<Firewall> system-view
[Firewall] telnet server enable
[Firewall] user-interface vty 0 4
[Firewall-ui-vty0-4] authentication-mode scheme
[Firewall-ui-vty0-4] quit
489BVerifying the configuration
1. Telnet to the firewall and enter the username telnet@test and password.
You can enter the user interface of the firewall.
2. Select User > Online User from the navigation tree.
You can see the user telnet@test on the list.
Figure 176 Displaying online users
249BHWTACACS configuration example
490BNetwork requirements
As shown in 789HFigure 177, configure the firewall to use the HWTACACS server to provide authentication,
authorization, and accounting services for the Telnet user. Set the shared keys for authentication,
authorization, and accounting packets exchanged with the HWTACACS server to expert. Configure the
firewall to remove the domain name from a username before sending the username to the HWTACACS
server.