H3C Technologies H3C SecPath F1000-E User Manual

Page 238

Advertising
background image

228

# Configure the IP address of GigabitEthernet 0/2, through which SecPath communicates with the server.

[SecPath] interface GigabitEthernet 0/2

[SecPath-GigabitEthernet0/2] ip address 10.1.1.2 255.255.255.0

[SecPath-GigabitEthernet0/2] quit

# Enable SecPath to provide Telnet service.

[SecPath] telnet server enable

# Configure SecPath to use AAA for Telnet users.

[SecPath] user-interface vty 0 4

[SecPath-ui-vty0-4] authentication-mode scheme

[SecPath-ui-vty0-4] quit

# Use RADIUS authentication for user privilege level switching authentication and, if RADIUS

authentication is not available, use local authentication.

[SecPath] super authentication-mode scheme local

# Create RADIUS scheme rad.

[SecPath] radius scheme rad

# Specify the IP address of the primary authentication server as 10.1.1.1, and the port for authentication
as 1812.

[SecPath-radius-rad] primary authentication 10.1.1.1 1812

# Set the shared key for authenticating authentication packets to expert.

[SecPath-radius-rad] key authentication expert

# Specify the service type of the RADIUS server as standard.

[SecPath-radius-rad] server-type standard

# Specify the scheme to exclude the domain names from usernames to be sent to the RADIUS server.

[SecPath-radius-rad] user-name-format without-domain

[SecPath-radius-rad] quit

# Create ISP domain bbb.

[SecPath] domain bbb

# Configure the AAA methods for domain bbb as local authentication.

[SecPath-isp-bbb] authentication login local

# Configure the domain to use the RADIUS scheme rad for user privilege level switching authentication.

[SecPath-isp-bbb] authentication super radius-scheme rad

[SecPath-isp-bbb] quit

# Create a local Telnet user named test.

[SecPath] local-user test

[SecPath-luser-test] service-type telnet

[SecPath-luser-test] password simple aabbcc

# Configure the user level of the Telnet user to 0 after user login.

[SecPath-luser-test] authorization-attribute level 0

[SecPath-luser-test] quit

# Configure the password for local level switching authentication to 654321.

[SecPath] super password simple 654321

[SecPath] quit

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals