Manualshelf

R3204P16-HP Load Balancing Module System Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
81828384858687888990
83
Configuring source IP-based login control over
NMS users
Administrators can use a network management station (NMS) to remotely log in and manage the LB
module through the Simple Network Management Protocol (SNMP). By using an ACL, you can control
SNMP user access to the module.
Configuration preparation
Before configuration, determine the permitted or denied source IP addresses.
Configuring source IP-based login control over NMS users
Basic ACLs match the source IP addresses of packets, so you can use basic ACLs to implement source
IP-based login control over NMS users. Basic ACLs are numbered from 2000 to 2999. For more
information about ACL, see Security Configuration Guide.
Follow these steps to configure source IP-based login control over NMS users:
To do… Use the command…
Remarks
Enter system view system-view
Create a basic ACL and
enter its view, or enter the
view of an existing basic
ACL
acl number acl-number [ match-order { config |
auto } ]
Required
By default, no basic ACL
exists.
Create rules for this ACL
rule [ rule-id ] { permit | deny } [ source { sour-addr
sour-wildcard | any } | time-range time-name |
fragment | logging ]*
Required
Exit the basic ACL view quit
Associate this SNMP
community with the ACL
snmp-agent community { read | write }
community-name [ acl acl-number | mib-view
view-name ]*
Required
You can associate the
ACL when creating the
community, the SNMP
group, and the user.
For more information
about SNMP, see
System Maintenance
Configuration Guide.
Associate the SNMP group
with the ACL
snmp-agent group { v1 | v2c } group-name
[ read-view read-view ] [ write-view write-view ]
[ notify-view notify-view ] [ acl acl-number ]
snmp-agent group v3 group-name [ authentication |
privacy ] [ read-view read-view ] [ write-view
write-view ] [ notify-view notify-view ] [ acl
acl-number ]
Associate the user with the
ACL
snmp-agent usm-user { v1 | v2c } user-name
group-name [ acl acl-number ]
snmp-agent usm-user v3 user-name group-name
[ [ cipher ] authentication-mode { md5 | sha }
auth-password [ privacy-mode { 3des | aes128 |
des56 } priv-password ] ] [ acl acl-number ]