Manualshelf

R3166-R3206-HP High-End Firewalls Access Control Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
81828384858687888990
83
mac mac-address: Specifies the MAC address of the user in the format H-H-H. This keyword and
argument combination is applicable to only LAN users.
vlan vlan-id: Specifies the VLAN to which the user belongs. The vlan-id argument is in the range 1 to
4094. This keyword and argument combination is applicable to only LAN users.
Description
Use the bind-attribute command to configure binding attributes for a local user.
Use the undo bind-attribute command to remove binding attributes of a local user.
By default, no binding attribute is configured for a local user.
Binding attributes are checked upon authentication of a local user. If the binding attributes of a local user
do not match the configured ones, the user will fail the checking and the authentication.
Binding attribute checking does not take the service types of the users into account. A configured binding
attribute is effective for all types of users. Be cautious when deciding which binding attributes should be
configured for which type of local users. For example, an IP address binding is applicable to only 802.1X
authentication that supports IP address upload. If you configure an IP address binding for an
authentication method that does not support IP address upload, for example, MAC authentication, the
local authentication will fail.
Examples
# Configure the bound IP of local user abc as 3.3.3.3.
<Sysname> system-view
[Sysname] local-user abc
[Sysname-luser-abc] bind-attribute ip 3.3.3.3
display local-user
Syntax
display local-user [ service-type { ftp | portal | ppp | ssh | telnet | terminal } | state { active | block }
| user-name user-name ]
View
Any view
Default level
1: Monitor level
Parameters
service-type: Specifies the local users that use a specified type of service.
ftp—FTP users.
portal—Portal users.
ppp—PPP users.
ssh—SSH users.
telnet—Telnet users.
terminal—Users logging in through the console port, AUX port
state { active | block }: Specifies local users in the state of active or blocked. A local user in the active
state can access network services, but a local user in the blocked state cannot.