RBAC Configuration Example for HWTACACS Authentication Users; Network Requirements; Configuration Procedure - HP 12500 Configuration Manual

Routing switch series

# Verify that you cannot configure any VLAN except VLANs 1 to 20. Take VLAN 10 and VLAN 30 as examples.
[Switch] vlan 10
[Switch-vlan10] quit
[Switch] vlan 30
Permission denied.
# Verify that you cannot configure any interface except GigabitEthernet 3/0/1 to GigabitEthernet 3/0/24. Take GigabitEthernet 3/0/2 and GigabitEthernet 3/0/25 as examples.
[Switch] vlan 10
[Switch-vlan10] port GigabitEthernet 3/0/2
[Switch-vlan10] port GigabitEthernet 3/0/25
Permission denied.

RBAC configuration example for HWTACACS authentication users

Network requirements

The switch in Figure 5 uses local authentication for login users, including the Telnet user at 192.168.1.58.
This Telnet user uses the username test@bbb and is assigned the user role level-0.
Configure the remote-then-local authentication mode for user role switching. The switch uses the
HWTACACS server to provide authentication for user role switching between level-0 and level-3. If the
AAA configuration is invalid or the HWTACACS server does not respond, the switch performs local
authentication.
Figure 5 Network diagram

Configuration procedure

1. Configure the switch:
# Assign an IP address to VLAN-interface 2, the interface connected to the Telnet user.
<Switch> system-view
[Switch] interface vlan-interface 2
[Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0
[Switch-Vlan-interface2] quit
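
The remote-then-local rule from the network requirements above, modelled as an added Python example (not code from the manual or from HP). The function name, the callable that stands in for the HWTACACS server and all passwords are constructed assumptions; local authentication is reached only under the two conditions the text names.

```python
import hmac

ROLES = ("level-0", "level-3")  # roles the page switches between


def switch_role(user, target_role, password, remote, local_passwords):
    """Decide one role-switch request under remote-then-local authentication.

    remote: callable(user, role, password) -> bool that raises TimeoutError
            when the HWTACACS server does not respond; None models an invalid
            AAA configuration on the switch (hypothetical interface).
    Returns (granted, method); method is "hwtacacs", "local" or "none".
    """
    if target_role not in ROLES:
        return (False, "none")
    if remote is not None:
        try:
            # The server answered. The page lists only "invalid AAA config" and
            # "no response" as fallback conditions, so a reject is final here.
            return (bool(remote(user, target_role, password)), "hwtacacs")
        except TimeoutError:
            pass  # no response: fall through to local authentication
    expected = local_passwords.get(target_role)
    if expected is None:
        return (False, "local")  # no local password configured for this role
    # Constant-time comparison of the supplied and the local password.
    return (hmac.compare_digest(password.encode(), expected.encode()), "local")


# Constructed sample data, not values from the manual.
LOCAL_PASSWORDS = {"level-3": "constructed-local-secret"}


def server_up(user, role, password):
    return (user, role, password) == ("test@bbb", "level-3", "constructed-remote-secret")


def server_down(user, role, password):
    raise TimeoutError("HWTACACS server did not respond")


if __name__ == "__main__":
    for label, pw, remote in [("server up, remote password", "constructed-remote-secret", server_up),
                              ("server up, local password", "constructed-local-secret", server_up),
                              ("server down, local password", "constructed-local-secret", server_down),
                              ("invalid AAA, local password", "constructed-local-secret", None)]:
        print(label, "->", switch_role("test@bbb", "level-3", pw, remote, LOCAL_PASSWORDS))
```

While the server is reachable the local password grants nothing; it becomes the only control once the server stops responding, so it needs the same strength and rotation as the remote credential.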
