H3C Technologies H3C SecPath F1000-E User Manual

Page 219

Advertising
background image

208

Step Command

Remarks

3.

Use an ACL to control FTP
clients’ access to the firewall. ftp server acl acl-number

Optional.
By default, no ACL is used to control
FTP clients’ access to the firewall.

4.

Configure the idle-timeout
timer.

ftp timeout minutes

Optional.
30 minutes by default.
Within the idle-timeout time, if there is
no information interaction between

the FTP server and client, the

connection between them is

terminated.

5.

Set the file update mode for
the FTP server.

ftp update { fast | normal }

Optional.
Normal update is used by default.

6.

Quit to user view.

quit

N/A

7.

Manually release the FTP

connection established with
the specified username.

free ftp user username

Optional.
Available in user view.

Configuring authentication and authorization on the FTP server

To allow an FTP user to access certain directories on the FTP server, you need to create an account for the
user, authorize the user to access the directories and configure a password for the user.
Make the following configuration to perform authentication and authorization on a local FTP user. To

authenticate remote FTP users, you need to configure authentication, authorization and accounting

(AAA). For detailed configuration about AAA, see Access Control Configuration Guide.
In local authentication, the firewall checks the entered username and password against those configured

on the firewall. In remote authentication, the firewall sends the entered username and password to the

remote authentication server for authentication.
To configure authentication and authorization for FTP server:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Create a local user
and enter its view. local-user user-name

No local user exists by default, and the system
does not support FTP anonymous user access.

3.

Assign a password
to the user.

password { simple | cipher }
password

N/A

4.

Assign the FTP
service to the user. service-type ftp

By default, the system does not support
anonymous FTP access, and does not assign
any service. If the FTP service is assigned, the

root directory of the firewall is used by

default.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals