HP VPN Firewall Appliances System Management and Maintenance Configuration Guide
223
Ste
p
Command
Remarks
5. Configure
authorization
attributes.
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute
| level level | user-profile
profile-name | user-role { guest |
guest-manager | security-audit } |
vlan vlan-id | work-directory
directory-name } *
Optional.
By default, the FTP users can access the root
directory of the device, and the user level is 0.
You can change the default configuration
using this command.
For more information about the local-user, password, service-type ftp, and authorization-attribute
commands, see Access Control Command Reference.
FTP server configuration example
Network requirements
Create a local user account with the username abc and password abc and enable FTP server on the
firewall in Figure 108. Use the user acco
unt to log in to the FTP server from the FTP client, upload the file
newest.bin from the FTP client to the FTP server, and download the configuration file config.cfg from the
FTP server to the FTP client for backup.
Figure 108 Network diagram
Configuration procedure
1. Configure the firewall (FTP server):
# Create a local user account abc, set its password to abc and the user privilege level to level 3 (the
manage level), specify the root directory of the cfa0: as the authorized directory, and specify the
service type as FTP.
<Sysname> system-view
[Sysname] local-user abc
[Sysname-luser-abc] password simple abc
[Sysname-luser-abc] authorization-attribute level 3
[Sysname-luser-abc] authorization-attribute work-directory cfa0:/
[Sysname-luser-abc] service-type ftp
[Sysname-luser-abc] quit
# Enable the FTP server.
[Sysname] ftp server enable
[Sysname] quit
# Check the available storage space of cfa0:. Make sure there is adequate space for the boot file
to be uploaded.
<Sysname> dir
Directory of cfa0:/