R3166-R3206-HP High-End Firewalls Getting Started Guide-6PW101
33
To do… Use the command…
Remarks
Enable command accounting command accounting
Optional
• By default, command
accounting is disabled. The
accounting server does not
record the commands executed
by users.
• Command accounting allows
the HWTACACS server to
record all executed commands
that are supported by the
device, regardless of the
command execution result. This
helps control and monitor user
operations on the device. If
command accounting is
enabled and command
authorization is not enabled,
every executed command is
recorded on the HWTACACS
server. If both command
accounting and command
authorization are enabled, only
the authorized and executed
commands are recorded on the
HWTACACS server.
Exit to system view quit —
Configure the
authentication
mode
Enter the default
ISP domain
view
domain domain-name
Optional
By default, the AAA scheme is
local.
Apply the
specified AAA
scheme to the
domain
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-name [ local ] |
local | none | radius-scheme
radius-scheme-name [ local ] }
Exit to system
view
quit
Create a local user and enter local
user view
local-user user-name
Required
By default, no local user exists.
Set the local password
password { cipher | simple }
password
Required
By default, no local password is
set.
Specify the command level of the
local user
authorization-attribute level level
Optional
By default, the command level is 0.
Specify the service type for the
local user
service-type ssh
Required
By default, no service type is
specified.
Return to system view quit —