Verifying The Configuration - HP 6125G Configuration Manual
Security configuration guide
Hide thumbs
Also See for 6125G:
- Command reference manual (426 pages) ,
- Configuration manual (379 pages) ,
- Release note (60 pages)
Table of Contents
Advertisement
# Create an ISP domain and specify the RADIUS scheme 2000 as the default AAA schemes for the
domain.
[Device] domain 2000
[Device-isp-2000] authentication default radius-scheme 2000
[Device-isp-2000] authorization default radius-scheme 2000
[Device-isp-2000] accounting default radius-scheme 2000
[Device-isp-2000] quit
# Configure a time range ftp for the weekdays from 8:00 to 18:00.
[Device] time-range ftp 8:00 to 18:00 working-day
# Configure ACL 3000 to deny packets destined for the FTP server at 10.0.0.1 on the weekdays
during business hours.
[Device] acl number 3000
[Device-acl-adv-3000] rule 0 deny ip destination 10.0.0.1 0 time-range ftp
[Device-acl-adv-3000] quit
# Enable 802.1X globally.
[Device] dot1x
# Enable 802.1X on port GigabitEthernet 1/0/1.
[Device] interface gigabitethernet 1/0/1
[Device-GigabitEthernet1/0/1] dot1x
Verifying the configuration
Use the user account to pass authentication, and then ping the FTP server on any weekday during
business hours.
C:\>ping 10.0.0.1
Pinging 10.0.0.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.0.0.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
The output shows that ACL 3000 has taken effect on the user, and the user cannot access the FTP server.
97
Advertisement
Table of Contents
Troubleshooting
