R3721-F3210-F3171-HP High-End Firewalls Getting Started Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

Ste

Command

Remarks

5. Enable command

accounting.

command accounting

Optional.

By default, command accounting is

disabled. The accounting server does not

record the commands executed by users.

Command accounting allows the

HWTACACS server to record all the

commands executed by users, regardless

of command execution results. This helps

control and monitor user operations on the

device. If command accounting is enabled

and command authorization is not

enabled, every executed command is

recorded on the HWTACACS server. If

both command accounting and command

authorization are enabled, only the

authorized and executed commands are

recorded on the HWTACACS server.

6. Return to system view.

quit N/A

7. Apply an AAA

authentication scheme

to the intended

domain.

a. Enter ISP domain view:

domain domain-name

b. Apply an AAA scheme to

the domain:

authentication default

{ hwtacacs-scheme

hwtacacs-scheme-name

[ local ] | local | none |

radius-scheme

radius-scheme-name

[ local ] }

c. Exit to system view:

quit

Optional.

By default, local authentication is used.

For local authentication, configure local

user accounts.

For RADIUS or HWTACACS

authentication, configure the RADIUS or

HWTACACS scheme on the device and

configure authentication settings (including

the username and password) on the server.

For more information about AAA

configuration, see Access Control

Configuration Guide.

8. Create a local user

and enter local user

view.

local-user user-name By default, no local user exists.

9. Set the authentication

password for the local

user.

password { cipher | simple }

password

N/A

10. Specifies the command

level of the local user.

authorization-attribute level level

Optional

By default, the command level is 0.

11. Specify the service

type for the local user.

service-type terminal By default, no service type is specified.

12. Configure common

settings for console

See "Configuring common

console user int

erface settings

(optional)."

Optional

The next time you attempt to log in through the console port, you must provide the configured login

username and password.