H3C Technologies H3C SecBlade LB Cards User Manual

Page 25

Advertising
background image

15

Step Command

Remarks

3.

Enable scheme
authentication.

authentication-mode scheme

Whether local, RADIUS, or
HWTACACS authentication is
adopted depends on the configured

AAA scheme.
By default, console login users are

not authenticated.

4.

Enable command
authorization.

command authorization

Optional.
By default, command authorization

is disabled. The commands

available for a user only depend on
the user privilege level.

5.

Enable command

accounting.

command accounting

Optional.
By default, command accounting is
disabled. The accounting server

does not record the commands

executed by users.

6.

Exit to system view.

quit

N/A

7.

Apply an AAA
authentication scheme to

the intended domain.

a.

Enter ISP domain view:
domain domain-name

b.

Apply an AAA scheme to
the domain:

authentication default

{ hwtacacs-scheme
hwtacacs-scheme-name

[ local ] | local | none |

radius-scheme

radius-scheme-name
[ local ] }

c.

Exit to system view:
quit

Optional.
By default, local authentication is
used.
For local authentication, configure

local user accounts.
For RADIUS or HWTACACS
authentication, configure the

RADIUS or HWTACACS scheme on

the LB product and configure
authentication settings (including the

username and password) on the

server.
For more information about AAA

configuration, see Security
Configuration Guide.

8.

Create a local user and
enter local user view.

local-user user-name

By default, there is a local user
named admin.

9.

Set an authentication
password for the local user.

password [ [ hash ] { cipher |
simple } password ]

By default, no password is set.

10.

Specifies a command level

of the local user.

authorization-attribute level level

Optional.
By default, the command level is 0.

11.

Specify terminal service for
the local user.

service-type terminal

By default, no service type is
specified.

12.

Configure common settings
for console login.

See "

Configuring common console

user interface settings (optional)

."

Optional.

The next time you attempt to log in through the console port, you must provide the configured login
username and password, as shown in

Figure 15

.

Advertising
This manual is related to the following products:

H3C SecPath L1000-A Load Balancer

Popular Brands
Popular manuals