EasyManua.ls Logo

HP 5820X Switch - Page 260

HP 5820X Switch
294 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
250
Set the authentication mode to scheme for the user logging in to the device, and make sure that
only the local user who has passed the AAA local authentication can view and perform
operations on the security log file.
2. Logging in to the device as the security log administrator
Set the directory for saving the security log file to Flash:/securitylog/seclog.log.
View the contents of the security log file to get the security status of the device.
Back up the security log file to the FTP server.
Configuration procedure
1. Configuration performed by the system administrator
# Enable the saving of the security logs into the security log file and set the frequency with which the
system automatically saves the security log file to one hour.
<Sysname> system-view
[Sysname] info-center security-logfile enable
[Sysname] info-center security-logfile frequency 3600
# Create a local user seclog, and configure the password for the user as 123123123123 .
[Sysname] local-user seclog
New local user added.
[Sysname-luser-seclog] password simple 123123123123
# Authorize the user to manage the security log file.
[Sysname-luser-seclog] authorization-attribute level 3 user-role security-audit
# Authorize the user to use SSH, Telnet, and terminal services.
[Sysname-luser-seclog] service-type ssh telnet terminal
[Sysname-luser-seclog] quit
# According to the network plan, the user will log in to the device through SSH or telnetting, so you
must configure the authentication mode of the VTY user interface as scheme.
[Sysname] display user-interface vty ?
INTEGER<0-15> Specify one user terminal interface
The command output indicates that the device supports sixteen VTY user interfaces, which are
numbered 0 through 15.
[Sysname] user-interface vty 0 15
[Sysname-ui-vty0-15] authentication-mode scheme
[Sysname-ui-vty0-15] quit
2. Configuration performed by the security log administrator
# Re-log in to the device as user seclog.
C:/> telnet 1.1.1.1
******************************************************************************
* Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
Login authentication

Table of Contents

Related product manuals