HP 6125XLG R2306-HP 6125XLG Blade Switch Security Configuration Guide - Page 64
Create ISP domain, Create an LDAP scheme.
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 64 highlights
# Assign an IP address to VLAN-interface 2, the SSH user access interface. system-view [Switch] interface vlan-interface 2 [Switch-Vlan-interface2] ip address 192.168.1.70 24 [Switch-Vlan-interface2] quit # Assign an IP address to VLAN-interface 3, through which the switch communicates with the server. [Switch] interface vlan-interface 3 [Switch-Vlan-interface3] ip address 10.1.1.2 24 [Switch-Vlan-interface3] quit # Create local RSA and DSA key pairs. [Switch] public-key local create rsa [Switch] public-key local create dsa # Enable the SSH service. [Switch] ssh server enable # Enable scheme authentication for user interfaces VTY 0 through VTY 15. [Switch] user-interface vty 0 15 [Switch-ui-vty0-15] authentication-mode scheme [Switch-ui-vty0-15] quit # Enable the default-user-role authorization function, so that an SSH user gets the default user role network-operator after passing authentication. [Switch] role default-role enable # Configure an LDAP server. [Switch] ldap server ldap1 # Specify the IP address of the LDAP authentication server. [Switch-ldap-server-ldap1] ip 10.1.1.1 # Specify the administrator DN. [Switch-ldap-server-ldap1] login-dn cn=administrator,cn=users,dc=ldap,dc=com # Specify the administrator password. [Switch-ldap-server-ldap1] login-password simple admin!123456 # Configure the base DN for user search. [Switch-ldap-server-ldap1] search-base-dn dc=ldap,dc=com [Switch-ldap-server-ldap1] quit # Create an LDAP scheme. [Switch] ldap scheme ldap-shm1 # Specify the LDAP authentication server. [Switch-ldap-ldap-shm1] authentication-server ldap1 [Switch-ldap-ldap-shm1] quit # Create ISP domain bbb and configure AAA methods for login users. [Switch] domain bbb [Switch-isp-bbb] authentication login ldap-scheme ldap-shm1 [Switch-isp-bbb] authorization login none [Switch-isp-bbb] accounting login none [Switch-isp-bbb] quit 55