Oaa configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecBlade IPS Cards User Manual

72

OAA Configuration Example

Network requirements

•

The intranet is interconnected to the Internet through Device B that acts as the ACFP server.

•

Device A is connected to Device B to control the traffic on Device B and analyze the traffic from the

intranet to the Internet. Users on the intranet segment 192.168.2.0/24 are not allowed to access the
website www.abc.com.

Figure 54 Network diagram for OAA configuration

Internet

Router

Network

Management

Switch

Enterprise

Device A

OAA client

Device B

OAA server

Vlan-int100
192.168.1.1/24

Ten-GigabitEthernet2/0/1

192.1681.2/24

GE4/0/1

GE4/0/2

Configuration procedure

1.

Configure the OAA server

Follow these steps to configure the OAA server (the detailed configuration is omitted here):

•

Enable the OAA server.

•

Configure a VLAN interface for VLAN 100, and set the IP address of the interface to 192.168.1.1.

•

Configure the port-connect-mode of the internal interface as extended.

•

Specify SNMPv3.

•

Create a user with the username v3user, and specify the security level as no authentication no
privacy.

2.

Configure the OAA client

# Configure the OAA client.

•

Select System Management > Device Management > OAA Configuration, and perform the
following operations, as shown in

Figure 55

.