HP VPN Firewall Appliances Access Control Configuration Guide

SubState:NONE
ACL:NONE
Work-mode:stand-alone
MAC             IP            Vlan  Interface
---------------------------------------------------------------------
0015-e9a6-7cfe  192.168.1.58  0     GigabitEthernet0/1
On interface GigabitEthernet0/1:total 1 user(s) matched, 1 listed.
# View the connection information on the firewall.
[Firewall] display connection
Index=20 ,Username=portal@dm1
MAC=00-15-E9-A6-7C-FE
IP=192.168.1.58
IPv6=N/A
Total 1 connection(s) matched.
HWTACACS configuration example
Network requirements
As shown in Figure 143, configure the firewall to use the HWTACACS server to provide authentication,
authorization, and accounting services for the Telnet user. Set the shared keys for authentication,
authorization, and accounting packets exchanged with the HWTACACS server to expert. Configure the
firewall to remove the domain name from a username before sending the username to the HWTACACS
server.
Figure 143 Network diagram
Configuring the HWTACACS server
Set the shared keys to expert, add a Telnet user account, and set the password for the user. (Details not
shown.)
Configuring the firewall
1. Configure the IP address of each interface and add them to security zones. (Details not shown.)
2. Create the HWTACACS scheme system:
a. From the navigation tree, select User > HWTACACS > Server Configuration.
b. On the page as shown in Figure 144, click Add.
[Figure 143 diagram labels: Internet, Firewall, Telnet user, HWTACACS server, 10.1.1.1/24]