Manualshelf

HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
271272273274275276277278279280
270
Figure 172 Configuring the ISP domain to use local authorization
5. In the CLI, enable the Telnet service, and configure VTY interfaces 0 through 4 to use AAA for
users.
<Firewall> system-view
[Firewall] telnet server enable
[Firewall] user-interface vty 0 4
[Firewall-ui-vty0-4] authentication-mode scheme
[Firewall-ui-vty0-4] quit
Verifying the configuration
1. Telnet to the firewall and enter the username telnet@test and password.
You can enter the user interface of the firewall.
2. Select User > Online User from the navigation tree.
You can see the user telnet@test on the list.
Figure 173 Displaying online users
Troubleshooting AAA
Troubleshooting RADIUS
Symptom 1
User authentication/authorization always fails.
Analysis
Possible reasons include:
A communication failure exists between the NAS and the RADIUS server.
The username is not in the format userid@isp-name or the ISP domain is not correctly configured on
the NAS.