beautypg.com

Configuring common vty user, Interface settings (optional) – H3C Technologies H3C SecPath F1000-E User Manual

Page 33

background image

25

Step Command

Remarks

8.

Apply an AAA authentication
scheme to the intended domain.

a.

Enter ISP domain view:
domain domain-name

b.

Apply an AAA scheme

to the domain:

authentication default
{ hwtacacs-scheme

hwtacacs-scheme-name

[ local ] | local | none |
radius-scheme

radius-scheme-name

[ local ] }

c.

Exit to system view:

quit

Optional.
By default, local authentication is

used.
For local authentication, configure
local user accounts.
For RADIUS or HWTACACS
authentication, configure the

RADIUS or HWTACACS scheme
on the device and configure

authentication settings (including

the username and password) on the

server.
For more information about AAA
configuration, see Access Control

Configuration Guide.

9.

Create a local user and enter
local user view.

local-user user-name

By default, no local user exists.

10.

Set the local password.

password { cipher | simple }
password

By default, no local password is set.

11.

Specifies the command level of

the local user.

authorization-attribute level
level

Optional.
By default, the command level is 0.

12.

Specify the service type for the
local user.

service-type telnet

By default, no service type is
specified.

13.

Exit to system view.

quit N/A

14.

Configure common settings for
VTY user interfaces.

See "

Configuring common VTY

user interface settings

(optional)

."

Optional.

The next time you attempt to Telnet to the CLI, you must provide the configured login username and
password. If you are required to pass a second authentication, you must also provide the correct

password to access the CLI. If the maximum number of login users has been reached, your login attempt

fails and the message "All user interfaces are used, please try later!" appears.
When users adopt the scheme mode to log in to the device, the level of the commands that the users can
access depends on the user privilege level defined in the AAA scheme.

When the AAA scheme is local, the user privilege level is defined by the authorization-attribute
level level command.

When the AAA scheme is RADIUS or HWTACACS, the user privilege level is configured on the
RADIUS or HWTACACS server.

Configuring common VTY user interface settings (optional)

You might be unable to access the CLI through a VTY user interface after configuring the auto-execute

command command on it. Before you configure the command and save the configuration, make sure that

you can access the CLI through a different user interface.
To configure common settings for VTY user interfaces:

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: