R3166-R3206-HP High-End Firewalls Getting Started Guide-6PW101
27
To do… Use the command…
Remarks
Enable command accounting command accounting
Optional
• By default, command accounting
is disabled. The accounting server
does not record the commands
executed by users.
• Command accounting allows the
HWTACACS server to record all
executed commands that are
supported by the device,
regardless of the command
execution result. This helps control
and monitor user operations on
the device. If command
accounting is enabled and
command authorization is not
enabled, every executed
command is recorded on the
HWTACACS server. If both
command accounting and
command authorization are
enabled, only the authorized and
executed commands are recorded
on the HWTACACS server.
Exit to system view quit —
Configure
the
authentic
ation
mode
Enter the default ISP
domain view
domain domain-name
Optional
By default, the AAA scheme is local.
Specify the AAA
scheme to be
applied to the
domain
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-name [ local ] |
local | none | radius-scheme
radius-scheme-name [ local ] }
Exit to system view quit
Create a local user and enter
local user view
local-user user-name By default, no local user exists.
Set the local password
password { cipher | simple }
password
Required
By default, no local password is set.
Specifies the command level of
the local user
authorization-attribute level level
Optional
By default, the command level is 0.
Specify the service type for the
local user
service-type telnet
Required
By default, no service type is
specified.
Exit to system view quit —
Configure common settings for
VTY user interfaces
—
Optional
See “Configuring common settings
for VTY user interfaces (optional).”