R3721-F3210-F3171-HP High-End Firewalls Getting Started Guide-6PW101
38
Ste
p
Command
Remarks
4. Associate the HTTPS service
with a certificate
attribute-based access control
policy.
ip https certificate
access-control-policy policy-name
Optional.
By default, the HTTPS service is not
associated with any
certificate-based attribute access
control policy.
Associating the HTTPS service with
a certificate-based attribute access
control policy enables the device to
control the access rights of clients.
You must configure the client-verify
enable command in the associated
SSL server policy. If not, no clients
can log in to the device.
The associated SSL server policy
must contain at least one permit
rule. Otherwise, no clients can log
in to the device.
For more information about
certificate attribute-based access
control policies, see VPN
Configuration Guide.
5. Configure the port number of
the HTTPS service.
ip https port port-number
Optional.
443 by default.
6. Associate the HTTPS service
with an ACL.
ip https acl acl-number
By default, the HTTPS service is not
associated with any ACL.
Associating the HTTPS service with
an ACL enables the device to allow
only clients permitted by the ACL to
access the device.
7. Create a local user and enter
local user view.
local-user user-name
By default, no local user is
configured.
8. Configure a password for the
local user.
password { cipher | simple }
password
By default, no password is
configured for the local user.
9. Specify the command level of
the local user.
authorization-attribute level level
By default, no command level is
configured for the local user.
10. Specify the Telnet service type
for the local user.
service-type web
By default, no service type is
configured for the local user.
11. Exit to system view.
quit N/A
12. Enter management interface
view.
interface interface-type
interfac-number
N/A
13. Assign an IP address to the
management interface.
ip address ip-address { mask |
mask-length }
By default, the IP address of the
management interface is
192.168.0.1/24.