R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

181

182

183

184

185

186

187

188

189

190

176

Figure 83 Network diagram

Configuration procedure

1. Configure the SFTP server.

# Generate the RSA key pairs.

<Firewall> system-view

[Firewall] public-key local create rsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++++

++++++++++++++

+++++

++++++++

# Generate a DSA key pair.

[Firewall] public-key local create dsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++

# Enable the SSH server.

[Firewall] ssh server enable

# Enable the SFTP server.

[Firewall] sftp server enable

# Configure an IP address for interface GigabitEthernet 0/1, which the client will use as the

destination for SSH connection.

[Firewall] interface gigabitethernet 0/1

[Firewall-GigabitEthernet0/1] ip address 192.168.1.45 255.255.255.0

[Firewall-GigabitEthernet0/1] quit

# Set the authentication mode of the user interfaces to AAA.

[Firewall] user-interface vty 0 4

[Firewall-ui-vty0-4] authentication-mode scheme

# Enable the user interfaces to support SSH.

[Firewall-ui-vty0-4] protocol inbound ssh

[Firewall-ui-vty0-4] quit