Changing The Vlan Policy Of A User Role; Changing The Vpn Instance Policy Of A User Role; Assigning User Roles; Enabling The Default User Role Function - HP 6125XLG Configuration Manual

Blade switch fundamentals configuration guide

Hide thumbs Also See for 6125XLG:

Layer 3 - ip routing configuration manual (492 pages)

Command reference manual (466 pages)

Configuration manual (414 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

Table of Contents

Changing the VLAN policy of a user role

Step

Enter system view.

Enter user role view.

Enter user role VLAN policy

view.

(Optional.) Specify a list of

VLANs accessible to the

user role.

Changing the VPN instance policy of a user role

Step

Enter system view.

Enter user role view.

Enter user role VPN

instance policy view.

(Optional.) Specify a list of

VPNs accessible to the user

role.

Assigning user roles

To control user access to the system, you must assign at least one user role. Make sure at least one user

role among the user roles assigned by the server exists on the device. User role assignment procedure

varies with remote AAA authentication users, local AAA authentication users, and non-AAA

authentication users (see

Security Configuration Guide.

Enabling the default user role function

An AAA authentication user must have at least one user role to log in to the device. The default user role

function assigns the network-operator user role to a local or remote AAA authenticated user if the AAA

server has not authorized the user to use any user roles. Without the function, AAA authenticated users

cannot access the system if they have no user role authorization.

To enable the default user role function for AAA authentication users:

Command

system-view

role name role-name

vlan policy deny

permit vlan vlan-id-list

Command

system-view

role name role-name

vpn-instance policy deny

permit vpn-instance

vpn-instance-name&<1-10>

"Assigning user

roles"). For more information about AAA authentication, see

Remarks

N/A

By default, the VLAN policies of user

roles permit access to all VLANs.

This command disables the access of

the user role to any VLAN.

By default, no accessible VLANs are

configured.

To add more accessible VLANs,

repeat this step.

Remarks

N/A

By default, the VPN policies of user

roles permit access to all VPNs.

This command disables the access of

the user role to any VPN.

By default, no accessible VPNs are

configured.

To add more accessible VPNs, repeat

this step.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Changing The Vlan Policy Of A User Role; Changing The Vpn Instance Policy Of A User Role; Assigning User Roles; Enabling The Default User Role Function - HP 6125XLG Configuration Manual

Changing the VLAN policy of a user role

Changing the VPN instance policy of a user role

Assigning user roles

Enabling the default user role function

Hide quick links:

Troubleshooting

Related Manuals for HP 6125XLG

Related Content for HP 6125XLG

Table of Contents