Table of Contents
Advertisement
ZXAN(config)#aaa group-server radius-authen 1
ZXAN(config-authgrp-1)#
5. Configure the RADIUS server.
ZXAN(config-authgrp-1)#server 1 2.2.2.3 key zteRad
6. (Optional) Configure the route.
ZXAN(config-authgrp-1)#ip mng
ZXAN(config-authgrp-1)#exit
When the ZXA10 C300 is connected to the RADIUS server through the in-band NM
channel, you can skip this step.
7. Configure the authentication group.
ZXAN(config)#aaa authentication login default rds-group 1
8. Configure the authorization group.
ZXAN(config)#aaa authorization exec default rds-group 1
– End of Steps –
15.4 Configuring Management ACL
After you configure the management ACL, accessing the ZXA10 C300 in Telnet/SNMP
mode can be restricted.
Context
The management ACL is a standard ACL, which controls the source IP address of the
received IP packets. The management ACL restricts users' access to the ZXA10 C300
NM module.
Steps
1. Create a standard ACL.
ZXAN(config)#acl standard number 10
ZXAN(config-std-acl)#
2. Configure the ACL rules.
ZXAN(config-std-acl)#rule 1 deny 1.1.1.10 0.0.0.0
ZXAN(config-std-acl)#rule 2 permit 1.1.1.0 0.0.0.255
ZXAN(config-std-acl)#exit
3. Apply the ACL.
SJ-20130520164529-007|2013-06-30 (R1.0)
Note:
Chapter 15 System Security Configuration
15-5
ZTE Proprietary and Confidential
Hide quick links:
Advertisement
Table of Contents
