Ftp server configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

Page 220

209

Step Command

Remarks

Configure user

properties.

authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute

| level level | user-profile

profile-name | vlan vlan-id |
work-directory directory-name } *

Optional.
By default, the FTP/SFTP users can access the
root directory of the firewall, and the user

level is 0. You can change the default

configuration by using this command.

NOTE:
•

For more information about the local-user, password, service-type ftp, and authorization-attribute
commands, see

Access Control Configuration Guide.

•

When the firewall serves as the FTP server, to perform the write operations (for example, upload, delete,
create, and delete) on the device’s file system, the FTP login users must be level 3 users; to perform other
operations, for example, read operation, users of any level from 0 to 3 are allowed.

FTP server configuration example

Network requirements

•

As shown in

Figure 110

, use the SecPath as an FTP server, and the PC as the FTP client. Their IP

addresses are 1.2.1.1/16 and 1.1.1.1/16 respectively. The SecPath and PC are reachable to each

other.

•

PC keeps the newest boot file of the SecPath. Use FTP to upgrade the SecPath and back up the
configuration file.

•

Set the username to abc and the password to abc for the FTP client to log in to the FTP server.

Figure 110 Network diagram

Configuration procedure

Configure the SecPath (FTP server):
# Create an FTP user account abc, set its password to abc and the user privilege level to level 3 (the
manage level). Allow user abc to access the root directory of the flash, and specify abc to use FTP.

system-view

[Sysname] local-user abc

[Sysname-luser-abc] password simple abc

[Sysname-luser-abc] authorization-attribute level 3

[Sysname-luser-abc] authorization-attribute work-directory flash0:/

[Sysname-luser-abc] service-type ftp

[Sysname-luser-abc] quit

# Enable FTP server.

[Sysname] ftp server enable

[Sysname] quit

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS