HP 5500 Ei 5500 Si Switch Series Configuration Guide

 49 
Step Command Remarks 
1.  Enter system view. 
system-view  N/A 
2.  Enter AUX user 
interface view.  user-interface aux 
first-number  
[ last-number  ]  N/A 
3.
  Enable scheme 
authentication.  authentication-mode
 scheme  Whether local, RADIUS, or HWTACACS 
authentication is adopted depends on 
the configured AAA scheme. 
By default, no authentication is 
performed for modem dial-in users. 
4.
  Enable command 
authorization.  command authorization  Optional. 
By default, command authorization is...

 50 
Step Command Remarks 
7.  Apply an AAA 
authentication scheme 
to the intended 
domain.  1.
  Enter the ISP domain view:   
domain  domain-name   
2.   Apply the specified AAA 
scheme to the domain:  
authentication default  
{  hwtacacs-scheme  
hwtacacs-scheme -name  
[ local ] |  local | none  |  
radius-scheme  
radius-scheme -name  [ local ] } 
 
3.  Exit to system view:  
quit   Optional. 
By default, local authentication is used. 
 
For local authentication, configure local 
user accounts....

 51 
Figure 26 Scheme authentication interface for modem dial-in users 
 
 
Configuring common settings for modem dial-in (optional)  
 CAUTION: 
To avoid packet loss, make sure the speed of the cons
ole port is lower than the transmission rate of the 
modem. 
 
Some common settings configured for an AUX user in terface take effect immediately and can interrupt 
the login session. To save you the trouble of repeat ed re-logins, use a login method different from AUX 
login to log in to the device before...

 52 
Step Command Remarks 
6.  Configure the number of stop 
bits.  stopbits 
{ 1  |  1.5  | 2 }  The default is 1. 
Stop bits indicate the end of a 
character. The more the bits, the 
slower the transmission. 
7.
  Configure the number of data 
bits in each character.  databits
 { 7  | 8  }  By default, the number of data bits in 
each character is 8. 
The setting depends on the 
character coding type. For example, 
you can set it to 7 if standard ASCII 
characters are to be sent, and set it 
to 8 if...

 53 
Step Command Remarks 
15. Set the idle-timeout timer. 
idle-timeout minutes [  seconds  ]   The default idle-timeout is 10 
minutes. The system automatically 
terminates the user’s connection if 
there is no information interaction 
between the device and the user 
within the idle-timeout time. 
Setting idle-timeout to 0 disables the 
timer. 
 
Displaying and maintaining CLI login 
 
Task Command Remarks 
Display information about the user 
interfaces that are being used. 
display users
 [ | { begin...

 54 
Logging in to the Web interface 
The device provides a built-in Web server for you to configure the device through a Web browser. Web 
login is by default disabled.  
To enable Web login, log in via the console port, and perform the following configuration tasks: 
•  Enable HTTP or HTTPS service. 
•   Configure the IP address of a Layer 3 interface, and make sure the interface and the configuration 
terminal can reach each other. 
•   Configure a local user account for Web login. 
The device...

 55 
Step Command Remarks 
4.  Associate the HTTP service 
with an ACL.  ip http acl
 acl-number   Optional. 
By default, the HTTP service is not 
associated with any ACL. 
Associating the HTTP service with 
an ACL enables the device to allow 
only clients permitted by the ACL to 
access the device. 
5.
  Create a local user and enter 
local user view.  local-user 
user-name  By default, no local user is 
configured.  
6.
  Configure a password for the 
local user.  password
 { cipher |  simple }...

 56 
Step Command Remarks 
3.  Enable the HTTPS service. 
ip https enable  By default, HTTPS is disabled. 
Enabling the HTTPS service triggers an 
SSL handshake negotiation process. 
During the process, if the local certificate 
of the device exists, the SSL negotiation 
succeeds, and the HTTPS service can be 
started properly. If no local certificate 
exists, a certificate application process 
will be triggered by the SSL negotiation. 
Because the application process takes 
much time, the SSL...

 57 
Step Command Remarks 
10. Specify the Web service 
type for the local user.  service-type
 web  By default, no service type is configured 
for the local user. 
11.
 Exit to system view. 
quit  N/A 
12. Create a VLAN interface 
and enter its view.  interface vlan-interface 
vlan-interface-id
  If the VLAN interface already exists, the 
command enters its view. 
You could replace this VLAN interface 
with any other Layer 3 interface as 
appropriate.  
13.
 Assign an IP address and 
subnet mask to the...

 58 
[Sysname] vlan 999 
[Sysname-vlan999] port GigabitEthernet 1/0/1 
[Sysname-vlan999] quit 
# Assign the IP address 192.168.0.58 and the subnet mask 255.255.255.0 to VLAN-interface 
999. 
[Sysname] interface vlan-interface 999 
[Sysname-VLAN-interface999] ip address 192.168.0.58 255.255.255.0 
[Sysname-VLAN-interface999] quit 
# Create a local user named  admin, and set the password to  admin for the user. Specify the Web 
service type for the local user, and set  the command level to 3 for this user....