R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

161

162

163

164

165

166

167

168

169

170

159

Network requirements

As shown in Figure 118, configure the LB module to perform local authentication, authorization, and

accounting for Telnet users.

Figure 118 Configure local authentication/authorization/accounting for Telnet users

Configuration procedure

# Configure the IP address of interface Ten-GigabitEthernet 0/0.1, through which the Telnet user accesses

the LB module.

<LB> system-view

[LB] interface Ten-GigabitEthernet 0/0.1

[LB-Ten-GigabitEthernet0/0.1] ip address 192.168.1.70 255.255.255.0

[LB-Ten-GigabitEthernet0/0.1] quit

# Enable the Telnet server on the card.

[LB] telnet server enable

# Configure the card to use AAA for Telnet users.

[LB] user-interface vty 0 4

[LB-ui-vty0-4] authentication-mode scheme

[LB-ui-vty0-4] quit

# Create local user named telnet.

[LB] local-user telnet

[LB-luser-telnet] service-type telnet

[LB-luser-telnet] password simple aabbcc

[LB-luser-telnet] quit

# Configure the AAA methods for the ISP domain as local authentication, authorization and accounting.

[LB] domain system

[LB-isp-system] authentication login local

[LB-isp-system] authorization login local

[LB-isp-system] accounting login local

[LB-isp-system] quit

# You can achieve the same result by configuring default AAA methods for all types of users.

[LB-isp-system] authentication default local

[LB-isp-system] authorization default local

[LB-isp-system] accounting default local

When telneting in to the LB module, a user uses username telnet@system for local authentication with the

domain system.

Internet

Telnet user

192.168.1.58/24

XGE0/0.1

192.168.1.70/24