HP VPN Firewall Appliances Access Control Configuration Guide

Step 7. Configure password control attributes for the local user.
  Command:
    Set the password aging time:
      password-control aging aging-time
    Set the minimum password length:
      password-control length length
    Configure the password composition policy:
      password-control composition type-number type-number [ type-length type-length ]
  Remarks:
    Optional.
    By default, the local user uses password control attributes of the user group to which the local user belongs, and uses the global setting for any password control attribute that is not configured in the user group. The global settings include a 90-day password aging time, a minimum password length of 10 characters, and at least one password composition type and at least one character required for each password composition type.
    The password must contain at least 8 characters.
    In FIPS mode, the composition type-number must be 4.

Step 8. Configure binding attributes for the local user.
  Command:
    bind-attribute { call-number call-number [ : subcall-number ] | ip ip-address } *
  Remarks:
    Optional.
    By default, no binding attribute is configured for a local user.

Step 9. Configure authorization attributes for the local user.
  Command:
    authorization-attribute { acl acl-number | callback-number callback-number | idle-cut minute | level level | user-role { guest | guest-manager | security-audit } | vlan vlan-id | work-directory directory-name } *
  Remarks:
    Optional.
    By default, no authorization attribute is configured for a local user.
    For PPP users, only acl, callback-number, and idle-cut are supported.
    For portal users, only acl, idle-cut, and vlan are supported.
    For SSH, terminal, and Web users, only level is supported.
    For FTP users, only level and work-directory are supported.
    For Telnet users, only level and user-role are supported.
    For other types of local users, no authorization attribute is supported.

Step 10. Set the validity time of the local user.
  Command:
    validity-date time
  Remarks:
    Optional.
    Not set by default.

Step 11. Set the expiration time of the local user.
  Command:
    expiration-date time
  Remarks:
    Optional.
    Not set by default.

Step 12. Assign the local user to a user group.
  Command:
    group group-name
  Remarks:
    Optional.
    By default, a local user belongs to the default user group system.
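
The support rules in the step 9 remarks and the FIPS rule in step 7 can be checked mechanically against a saved configuration. The following audit helper is an added example, not part of the HP guide: the `local-user` and `service-type` line layout, the user names, and all sample values are assumptions constructed for illustration.

```python
# Attribute support per user type, taken from the step 9 remarks.
SUPPORTED = {
    "ppp": {"acl", "callback-number", "idle-cut"},
    "portal": {"acl", "idle-cut", "vlan"},
    "ssh": {"level"}, "terminal": {"level"}, "web": {"level"},
    "ftp": {"level", "work-directory"},
    "telnet": {"level", "user-role"},
}
KEYWORDS = set().union(*SUPPORTED.values())

# Constructed sample; the local-user/service-type layout is an assumption.
SAMPLE = """\
local-user ftpops
 authorization-attribute level 3 work-directory flash:/ vlan 10
 service-type ftp
local-user netadmin
 service-type ssh telnet
 authorization-attribute level 3 user-role security-audit
 password-control composition type-number 2 type-length 1
"""

def parse_users(config):
    """Collect service types, authorization keywords and composition per user."""
    users, cur = {}, None
    for line in config.splitlines():
        tok = line.split()
        if len(tok) > 1 and tok[0] == "local-user":
            cur = users.setdefault(tok[1], {"services": [], "attrs": [], "comp": None})
        elif not tok or cur is None:
            continue
        elif tok[0] == "service-type":
            cur["services"] += tok[1:]
        elif tok[0] == "authorization-attribute":
            # Keyword/value pairs: keywords sit at odd token positions.
            cur["attrs"] += [t for t in tok[1::2] if t in KEYWORDS]
        elif tok[:3] == ["password-control", "composition", "type-number"] and len(tok) > 3:
            cur["comp"] = int(tok[3])
    return users

def audit(config, fips=False):
    """Report attributes unsupported for a user's type, plus FIPS composition gaps."""
    findings = []
    for name, u in parse_users(config).items():
        for svc in u["services"]:
            for attr in u["attrs"]:
                # Types not listed in the remarks support no attribute at all.
                if attr not in SUPPORTED.get(svc, set()):
                    findings.append(f"{name}: {attr} is not supported for {svc} users")
        if fips and u["comp"] is not None and u["comp"] != 4:
            findings.append(f"{name}: composition type-number {u['comp']}, FIPS mode requires 4")
    return findings
```

Running `audit(SAMPLE)` flags the attributes an administrator may believe are restricting a user but that the guide lists as unsupported for that user type; pass `fips=True` to add the composition check.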