HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 69
Create ISP domain, Create an HWTACACS scheme named
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 69 highlights
[Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0 [Switch-Vlan-interface2] quit # Configure the IP address of VLAN-interface 3, through which the switch communicates with the server. [Switch] interface vlan-interface 3 [Switch-Vlan-interface3] ip address 10.1.1.2 255.255.255.0 [Switch-Vlan-interface3] quit # Enable the switch to provide Telnet service. [Switch] telnet server enable # Configure the switch to use AAA for Telnet users. [Switch] user-interface vty 0 4 [Switch-ui-vty0-4] authentication-mode scheme [Switch-ui-vty0-4] quit # Use HWTACACS authentication for user level switching authentication and, if HWTACACS authentication is not available, use local authentication. [Switch] super authentication-mode scheme local # Create an HWTACACS scheme named hwtac. [Switch] hwtacacs scheme hwtac # Specify the IP address for the primary authentication server as 10.1.1.1 and the port for authentication as 49. [Switch-hwtacacs-hwtac] primary authentication 10.1.1.1 49 # Set the shared key for secure authentication communication to expert. [Switch-hwtacacs-hwtac] key authentication simple expert # Configure the scheme to remove the domain name from a username before sending the username to the HWTACACS server. [Switch-hwtacacs-hwtac] user-name-format without-domain [Switch-hwtacacs-hwtac] quit # Create ISP domain bbb. [Switch] domain bbb # Configure the ISP domain to use local authentication for Telnet users. [Switch-isp-bbb] authentication login local # Configure to use HWTACACS scheme hwtac for privilege level switching authentication. [Switch-isp-bbb] authentication super hwtacacs-scheme hwtac [Switch-isp-bbb] quit # Create a local Telnet user named test. [Switch] local-user test [Switch-luser-test] service-type telnet [Switch-luser-test] password simple aabbcc # Configure the user level of the Telnet user to 0 after user login. [Switch-luser-test] authorization-attribute level 0 [Switch-luser-test] quit # Configure the password for local privilege level switching authentication to 654321. [Switch] super password simple 654321 [Switch] quit 2. Configure the HWTACACS server: 59