Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
201202203204205206207208209210
200
Figure 154 Configuring the parameters for communication
# Through CLI, enable Telnet services on Firewall.
<Firewall> system-view
[Firewall] telnet server enable
# Configure Firewall to use AAA for Telnet user access control.
[Firewall] user-interface vty 0 4
[Firewall-ui-vty0-4] authentication-mode scheme
[Firewall-ui-vty0-4] quit
# Configure the ISP domain to use the HWTACACS scheme system for AAA.
[Firewall] domain bbb
[Firewall-isp-bbb] authentication login hwtacacs-scheme system
[Firewall-isp-bbb] authorization login hwtacacs-scheme system
[Firewall-isp-bbb] accounting login hwtacacs-scheme system
[Firewall-isp-bbb] quit
# Alternatively, you can configure the ISP domain to use HWTACACS scheme system as the default
authentication, authorization, and accounting schemes for all types of users.
[Firewall] domain bbb
[Firewall-isp-bbb] authentication default hwtacacs-scheme system
[Firewall-isp-bbb] authorization default hwtacacs-scheme system
[Firewall-isp-bbb] accounting default hwtacacs-scheme system
Verifying the configuration erification
On the Telnet client, enter the username in the format of userid@bbb and the correct password to log in
to the user interface of Firewall.
Configuring HWTACACS schemes at the CLI
HWTACACS configuration task list
Task Remarks
Creating an HWTACACS scheme Required
Specifying the HWTACACS authentication servers Required