R3204P16-HP Load Balancing Module System Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

To do… Use the command…

Remarks

Enable the HTTPS

service

ip https enable

Required

Disabled by default.

Enabling the HTTPS service triggers an SSL handshake

negotiation process. During the process, if the local

certificate of the device exists, the SSL negotiation

succeeds, and the HTTPS service can be started properly.

If no local certificate exists, a certificate application

process will be triggered by the SSL negotiation. Because

the application process takes much time, the SSL

negotiation often fails and the HTTPS service cannot be

started normally. In that case, you need to execute the ip

https enable command multiple times to start the HTTPS

service.

Associate the HTTPS

service with a certificate

attribute-based access

control policy

ip https certificate

access-control-policy

policy-name

Optional

By default, the HTTPS service is not associated with any

certificate-based attribute access control policy.

• Associating the HTTPS service with a certificate-based

attribute access control policy enables the device to

control the access rights of clients.

• You must configure the client-verify enable command

in the associated SSL server policy. If not, no clients

can log in to the device.

• The associated SSL server policy must contain at least

one permit rule. Otherwise, no clients can log in to the

device.

• For more information about certificate attribute-based

access control policies, see Security Configuration

Guide.

Configure the port

number of the HTTPS

service

ip https port

port-number

Optional

443 by default.

Associate the HTTPS

service with an ACL

ip https acl acl-number

Required

By default, the HTTPS service is not associated with any

ACL.

Associating the HTTPS service with an ACL enables the

device to allow only clients permitted by the ACL to

access the device.

Create a local user and

enter local user view

local-user user-name

Required

By default, a local user named admin exists.

Configure a password

for the local user

password { cipher |

simple } password

Required

By default, the password is admin for the local user

named admin.

Specify the command

level of the local user

authorization-attribute

level level

Required

By default, no command level is configured for the local

user.