Filter
Top Products
To do… Use the command… Remarks
Associate the HTTPS service
with a certificate
attribute-based access control
policy
ip https certificate
access-control-policy
policy-name
Optional
By default, the HTTPS service is not associated
with any certificate-based attribute access
control policy.
• Associating the HTTPS service with a
certificate-based attribute access control
policy enables the device to control the
access rights of clients.
• You must configure the client-verify enable
command in the associated SSL server
policy. If not, no clients can log in to the
device.
• The associated SSL server policy must
contain at least one permit rule.
Otherwise, no clients can log in to the
device.
• For more information about certificate
attribute-based access control policies, see
the Security Configuration Guide.
Configure the port number of
the HTTPS service
ip https port port-number
Optional
443 by default.
Associate the HTTPS service
with an ACL
ip https acl acl-number
Required
By default, the HTTPS service is not associated
with any ACL.
Associating the HTTPS service with an ACL
enables the device to allow only clients
permitted by the ACL to access the device.
Create a local user and enter
local user view
local-user user-name
Required
By default, no local user is configured.
Configure a password for the
local user
password { cipher | simple }
password
Required
By default, no password is configured for the
local user.
Specify the command level of
the local user
authorization-attribute level
level
Required
By default, no command level is configured for
the local user.
Specify the Telnet service type
for the local user
service-type telnet
Required
By default, no service type is configured for
the local user.
Exit to system view quit —
Create a VLAN interface and
enter its view
interface vlan-interface
vlan-interface-id
Required
If the VLAN interface already exists, the
command enters its view.
Assign an IP address and
subnet mask to the VLAN
interface
ip address ip-address { mask
| mask-length }
Required
By default, no IP address is assigned to the
VLAN interface.
69