Manualshelf

R3204P16-HP Load Balancing Module System Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
38
# Create a certificate attribute-based access control policy myacp. Configure a certificate
attribute-based access control rule, specifying that a certificate is considered valid when it matches an
attribute rule in certificate attribute group myacp.
[LB] pki certificate access-control-policy myacp
[LB-pki-cert-acp-myacp] rule 1 permit mygroup1
[LB-pki-cert-acp-myacp] quit
# Associate the HTTPS service with SSL server policy myssl.
[LB] ip https ssl-server-policy myssl
# Associate the HTTPS service with certificate attribute-based access control policy myacp.
[LB] ip https certificate access-control-policy myacp
# Enable the HTTPS service.
[LB] ip https enable
# Create a local user named usera, set the password to 12 3 for the user, and specify the web service type
for the local user.
[LB] local-user usera
[LB-luser-usera] password simple 123
[LB-luser-usera] service-type web
2. Configure the host that acts as the HTTPS client
On the host, run the IE browser. In the address bar, enter http://10.1.2.2/certsrv and request a certificate
for the host as prompted.
3. Verify the configuration
Enter https://10.1.1.1 in the address bar, and select the certificate issued by new-ca. Then the web login
page of the LB module appears. On the login page, type the username usera, and password 123 to enter
the web management page.
NOTE:
To log in to the web interface through HTTPS, enter the URL address starting with https://. To lo
g
in to
the web interface through HTTP, enter the URL address starting with http://.
For more information about PKI configuration commands, see the PKI Commands in
Security Comman
d
Reference.
For more information about SSL configuration commands, see the SSL Commands in
Security
Command Reference
.
Troubleshooting web browser
Symptom
You can ping the device successfully, and log in to the device through Telnet. HTTP is enabled and the
operating system and browser version meet the Web interface requirements. However, you cannot
access the Web interface of the device.
Analysis
If you use the Microsoft Internet Explorer, you can access the Web interface only when the following
functions are enabled: Run ActiveX controls and plug-ins, script ActiveX controls marked safe for
scripting and active scripting.
If you use the Mozilla Firefox, you can access the Web interface only when JavaScript is enabled.