HP VPN Firewall Appliances Getting Started Guide
114
e. Select the service type Web.
f. Enter aabbcc as the password and confirm the password.
g. Select Irreversible for Password Encryption.
h. Select the virtual device Root.
i. Click Apply.
Configuring a local user at the CLI
For more information, see Access Control Configuration Guide.
Controlling user logins
User login control can be configured only at the CLI.
Use ACLs to prevent unauthorized logins. For more information about ACLs, see Access Control
Configuration Guide.
Configuring Telnet login control
Use a basic ACL (2000 to 2999) to filter Telnet traffic by source IP address. Use an advanced ACL (3000
to 3999) to filter Telnet traffic by source and/or destination IP address. Use an Ethernet frame header
ACL (4000 to 4999) to filter Telnet traffic by source MAC address.
To access the device, a Telnet user must match a permit statement in the ACL applied to the user interface.
Configuring source IP-based Telnet login control
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a basic ACL and enter
its view, or enter the view of
an existing basic ACL.
acl [ ipv6 ] number acl-number [ name
name ] [ match-order { config | auto } ]
By default, no basic ACL
exists.
3. Configure an ACL rule.
• For IPv4 networks:
rule [ rule-id ] { deny | permit }
[ counting | fragment | logging |
source { sour-addr sour-wildcard |
any } | time-range time-range-name |
vpn-instance vpn-instance-name ] *
• For IPv6 networks:
rule [ rule-id ] { deny | permit }
[ counting | fragment | logging |
routing [ type routing-type ] | source
{ ipv6-address prefix-length |
ipv6-address/prefix-length | any } |
time-range time-range-name |
vpn-instance vpn-instance-name ] *
By default, a basic ACL
does not contain any rule.
The logging keyword takes
effect only when the module
(such as the firewall) using
the ACL supports the
logging function.
4. Exit the basic ACL view.
quit N/A
5. Enter user interface view.
user-interface [ type ] first-number
[ last-number ]
N/A