4000 Router Series Fundamentals Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Create a feature group

and enter feature group

view.

role feature-group name

feature-group-name

By default, the system has the following

predefined feature groups:

• L2—Includes all Layer 2 commands.

• L3—Includes all Layer 3 commands.

These two groups are not user configurable.

3. Add a feature to the

feature group.

feature feature-name

By default, a feature group has no features.

IMPORTANT:

You can specify only features available in

the system and must enter feature names

exactly the same as they are displayed,

including the case.

Changing resource access policies

Every user role has one interface policy, VLAN policy, and VPN instance policy. By default, these policies

permit user roles to access any interface, VLAN, and VPN. You can change the policies of user-defined

user roles and the predefined level-n user roles to limit their access to interfaces, VLANs, and VPNs. A

changed policy takes effect only on users that are logged in with the user role after the change.

Changing the interface policy of a user role

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter user role view.

role name role-name N/A

3. Enter user role interface

policy view.

interface policy deny

By default, the interface policies of

user roles permit access to all

interfaces.

This command disables the access of

the user role to any interface.

4. (Optional.) Specify a list of

interfaces accessible to the

user role.

permit interface interface-list

By default, no accessible interfaces

are configured.

To add more accessible interfaces,

repeat this step.

Changing the VLAN policy of a user role

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter user role view.

role name role-name N/A