EasyManuals Logo

HP 5920 Series Fundamentals Configuration Guide

HP 5920 Series
215 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #65 background imageLoading...
Page #65 background image
57
Ste
p
Command
Remarks
3. Enter user role VPN
instance policy view.
vpn-instance policy deny
By default, the VPN instance policy of
the user role permits access to all
VPNs.
This command denies the access of the
user role to all VPNs if the permit
vpn-instance command is not
configured.
4. (Optional.) Specify a list of
VPNs accessible to the user
role.
permit vpn-instance
vpn-instance-name&<1-10>
By default, no accessible VPNs are
configured in user role VPN instance
policy view.
Repeat this step to add more
accessible VPNs.
Assigning user roles
To control user access to the system, you must assign at least one user role. Make sure at least one user
role among the user roles assigned by the server exists on the device. User role assignment procedure
varies with remote AAA authentication users, local AAA authentication users, and non-AAA
authentication users. For more information about AAA authentication, see Security Configuration Guide.
Enabling the default user role feature
The default user role feature allows AAA authentication users to access the system if the AAA server does
not authorize any user roles to the users.
You can configure this feature to enable an AAA authentication user that has not been assigned any user
role to log in with the default user role network-operator.
To enable the default user role feature for AAA authentication users:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enable the default user role
feature.
role default-role enable
By default, the default user role feature
is disabled.
If the none authorization method is
used for local users, you must enable
the default user role feature.
Assigning user roles to remote AAA authentication users
For remote AAA authentication users, user roles are configured on the remote authentication server. For
information about configuring user roles for RADIUS users, see the RADIUS server documentation. For
HWTACACS users, the role configuration must use the roles="role-1 role-2 … role-n" format, where user
roles are space separated. For example, configure roles="level-0 level-1 level-2" to assign level-0, level-1,
and level-2 to an HWTACACS user.

Table of Contents

Other manuals for HP 5920 Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5920 Series and is the answer not in the manual?

HP 5920 Series Specifications

General IconGeneral
BrandHP
Model5920 Series
CategorySwitch
LanguageEnglish

Related product manuals