67
Ste
Command
Remarks
5. Associate the HTTPS
service with a
certificate
attribute-based
access control policy.
ip https certificate
access-control-policy
policy-name
Optional.
By default, the HTTPS service is not associated with
any certificate-based attribute access control policy.
• Associating the HTTPS service with a
certificate-based attribute access control policy
enables the device to control the access rights of
clients.
• You must configure client-verify enable in the
associated SSL server policy. If not, no clients can
log in to the device.
• The associated SSL server policy must contain at
least one permit rule. Otherwise, no clients can log
in to the device.
• For more information about certificate
attribute-based access control policies, see Security
Configuration Guide.
6. Configure the port
number of the HTTPS
service.
ip https port
port-number
Optional.
443 by default.
7. Associate the HTTPS
service with an ACL.
ip https acl acl-number
Required.
By default, the HTTPS service is not associated with
any ACL.
Associating the HTTPS service with an ACL enables the
device to allow only clients permitted by the ACL to
access the device.
8. Create a local user
and enter local user
view.
local-user user-name
Required.
By default, no local user is configured.
9. Configure a
password for the
local user.
password { cipher |
simple } password
Required.
By default, no password is configured for the local
user.
10. Specify the command
level of the local user.
authorization-attribute
level level
Required.
By default, no command level is configured for the
local user.
11. Specify the Telnet
service type for the
local user.
service-type telnet
Required.
By default, no service type is configured for the local
user.
12. Exit to system view. quit —
13. Create a VLAN
interface and enter its
view.
interface vlan-interface
vlan-interface-id
Required.
If the VLAN interface already exists, the command
enters its view.
14. Assign an IP address
and subnet mask to
the VLAN interface.
ip address ip-address
{ mask | mask-length }
Required.
By default, no IP address is assigned to the VLAN
interface.
To Next Page
Loading...
Need help?
General
