Configuration procedure
# Assign IP addresses to relevant interfaces. Make sure the device and the HWTACACS server can reach each other. Make sure the device and Host A can reach each other. (Details not shown.)
# Enable the Telnet server.
<Device> system-view
[Device] telnet server enable
# Enable scheme authentication for user lines VTY 0 through VTY 63.
[Device] line vty 0 63
[Device-line-vty0-63] authentication-mode scheme
# Enable command authorization for the user lines.
[Device-line-vty0-63] command authorization
[Device-line-vty0-63] quit
# Create HWTACACS scheme tac.
[Device] hwtacacs scheme tac
# Configure the scheme to use the HWTACACS server at 192.168.2.20:49 for authentication and authorization.
[Device-hwtacacs-tac] primary authentication 192.168.2.20 49
[Device-hwtacacs-tac] primary authorization 192.168.2.20 49
# Set the shared keys to expert.
[Device-hwtacacs-tac] key authentication expert
[Device-hwtacacs-tac] key authorization expert
# Remove domain names from usernames sent to the HWTACACS server.
[Device-hwtacacs-tac] user-name-format without-domain
[Device-hwtacacs-tac] quit
# Configure the system-predefined domain system. Use the HWTACACS scheme tac for login user authentication and command authorization. Use local authentication and local authorization as the backup method.
[Device] domain system
[Device-isp-system] authentication login hwtacacs-scheme tac local
[Device-isp-system] authorization command hwtacacs-scheme tac local
[Device-isp-system] quit
# Create local user monitor. Set the password to 123 (in plaintext, so the simple keyword is used), the service type to Telnet, and the default user role to level-1. This local user is only used when the HWTACACS server is unreachable and the local backup method takes over.
[Device] local-user monitor
[Device-luser-manage-monitor] password simple 123
[Device-luser-manage-monitor] service-type telnet
[Device-luser-manage-monitor] authorization-attribute user-role level-1
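The procedure above only enforces command authorization when several pieces line up: scheme authentication and command authorization on the VTY lines, a domain whose command authorization method points at the HWTACACS scheme, and a scheme that actually has an authorization server and key. The following audit script is an added example (not from the configuration guide or the vendor) that checks a saved configuration for exactly those pieces, so a missing line is caught before the next change window rather than by a user who finds no command is being vetted. It assumes the configuration text is laid out view by view, the way display current-configuration output is (a view is entered by its command, such as `line vty 0 63`, and ends at the next `#` separator or `quit`); the two sample configurations are constructed from the commands in the procedure, with placeholder ciphertext for the keys and password.

```python
# Added example: audit a Comware-style configuration for the command-authorization
# pieces configured in the procedure above. Not vendor code.
# Assumption: views are entered by their command (line vty ..., hwtacacs scheme ...,
# domain ..., local-user ...) and left at the next '#' separator or 'quit'.
import re

VIEW_ENTRY = re.compile(
    r"^(line vty \d+ \d+|hwtacacs scheme \S+|domain \S+|local-user \S+(?: class \S+)?)$"
)

# Constructed sample: what the procedure above produces (key/password values are placeholders).
GOOD_CONFIG = """\
#
 telnet server enable
#
line vty 0 63
 authentication-mode scheme
 command authorization
#
hwtacacs scheme tac
 primary authentication 192.168.2.20 49
 primary authorization 192.168.2.20 49
 key authentication cipher PLACEHOLDER-CIPHERTEXT
 key authorization cipher PLACEHOLDER-CIPHERTEXT
 user-name-format without-domain
#
domain system
 authentication login hwtacacs-scheme tac local
 authorization command hwtacacs-scheme tac local
#
local-user monitor class manage
 password hash PLACEHOLDER-HASH
 service-type telnet
 authorization-attribute user-role level-1
#
"""

# Constructed sample: VTY lines never ask for command authorization and the scheme
# has no authorization server, so commands run without the server's verdict.
WEAK_CONFIG = GOOD_CONFIG.replace(" command authorization\n", "").replace(
    " primary authorization 192.168.2.20 49\n", "")


def parse_views(config_text):
    """Map each view (keyed by the command that entered it) to the commands issued
    inside it; commands at system view level go under the key 'system'."""
    views = {"system": []}
    current = "system"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line in ("#", "quit"):          # both end the current view
            current = "system"
            continue
        if current == "system" and VIEW_ENTRY.match(line):
            current = line
            views.setdefault(current, [])
            continue
        views.setdefault(current, []).append(line)
    return views


def audit_command_authorization(config_text, domain="system"):
    """Return boolean findings; all must be True for command authorization to be
    enforced through the HWTACACS scheme the way the procedure intends."""
    views = parse_views(config_text)
    vty_views = [v for v in views if v.startswith("line vty")]
    findings = {
        "telnet_server_enabled": "telnet server enable" in views["system"],
        # Every VTY range must use AAA (scheme) login and send each command for authorization.
        "vty_scheme_auth": bool(vty_views) and all(
            "authentication-mode scheme" in views[v] for v in vty_views),
        "vty_command_authorization": bool(vty_views) and all(
            "command authorization" in views[v] for v in vty_views),
        "domain_command_authz_hwtacacs": False,
        "local_fallback": False,
        "scheme_has_authorization_server": False,
        "scheme_has_authorization_key": False,
    }
    for cmd in views.get(f"domain {domain}", []):
        m = re.match(r"authorization command hwtacacs-scheme (\S+)( local)?$", cmd)
        if not m:
            continue
        findings["domain_command_authz_hwtacacs"] = True
        findings["local_fallback"] = m.group(2) is not None
        scheme = views.get(f"hwtacacs scheme {m.group(1)}", [])
        findings["scheme_has_authorization_server"] = any(
            c.startswith("primary authorization ") for c in scheme)
        findings["scheme_has_authorization_key"] = any(
            c.startswith("key authorization ") for c in scheme)
    return findings


def is_compliant(config_text):
    """True only when every finding holds."""
    return all(audit_command_authorization(config_text).values())


if __name__ == "__main__":
    for name, cfg in (("good", GOOD_CONFIG), ("weak", WEAK_CONFIG)):
        print(name, is_compliant(cfg), audit_command_authorization(cfg))
```

Run against the good sample every finding is True; against the weak sample the script reports vty_command_authorization and scheme_has_authorization_server as False, which is the state where a user who authenticated correctly can still run any command their user role allows without the server ever seeing it. The local_fallback finding is deliberately kept separate from the others: it is an availability safeguard against locking yourself out when the server is down, not a substitute for the server-side check.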
Configuring command accounting
Command accounting allows the HWTACACS server to record all executed commands that are supported by the device, regardless of the command execution result. This feature helps control and monitor user behavior on the device.

When command accounting is disabled, the accounting server does not record the commands executed by users. If command accounting is enabled but command authorization is not, every executed command is recorded on the HWTACACS server. If both command accounting and