Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Getting Started Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
32
Ste
p
Command
Remarks
11. Configure the authentication
mode.
a. Enter the default ISP
domain view:
domain domain-name
b. Apply the specified AAA
scheme to the domain:
authentication
default.{ hwtacacs-schem
e hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
c. Exit to system view:
quit
Optional.
For local authentication, configure
local user accounts.
For RADIUS or HWTACACS
authentication, configure the
RADIUS or HWTACACS scheme
on the device and configure
authentication settings (including
the username and password) on
the server.
For more information about AAA
configuration, see Access Control
Configuration Guide.
12. Create a local user and enter
local user view.
local-user user-name By default, no local user exists.
13. Set the local password.
password { cipher | simple }
password
By default, no local password is
set.
14. Specify the command level of
the local user.
authorization-attribute level level
Optional.
By default, the command level is 0.
15. Specify the service type for the
local user.
service-type ssh
By default, no service type is
specified.
16. Return to system view.
quit N/A
17. Create an SSH user, and
specify the authentication
mode for the SSH user.
ssh user username service-type
stelnet authentication-type
{ password | { any |
password-publickey | publickey }
assign publickey keyname }
By default, no SSH user exists, and
no authentication mode is
specified.
18. Configure common settings
for VTY user interfaces.
See "Configuring common VTY
user interface settings (optional)."
Optional.
Using the device as an SSH client to log in to the SSH server
You can use the device as an SSH client to log in to an SSH server. If the server is located in a different
subnet than the device, make sure that the two devices have routes to reach each other.
Figure 23 Logging in to an SSH server from the firewall
Perform the following tasks as appropriate in user view:
Task Command
Remarks
Log in to an IPv4 SSH server. ssh2 server
server is the IPv4 address or host
name of the server.