Labnario Com(2)
-
Upload
hussein-dhafan -
Category
Documents
-
view
226 -
download
0
Transcript of Labnario Com(2)
-
7/24/2019 Labnario Com(2)
1/5
https--->webUI--->Huawei Secospace USG6300
Posted in Security
As a graphical user interface is useless in case of routers and switches, it looks useful when conguring a rewall. Of course it is my point of view. I do not
go into what is better for you. I like using CL ICL I but, sometimes, it is worth to simplify your daily routine. The rst step is to congure HTTPSHTTPS access to
webUI of USG6300. This is what we will focus today.
Well known topology from the last post:
Configure IP address of firewall's interface and add it totrust zone:
[USG6300]interface GigabitEthernet 0/0/7
[USG6300-GigabitEthernet0/0/7]ip address 172.16.1.1 24
[USG6300]firewall zone trust
[USG6300-zone-trust]add interface GigabitEthernet 0/0/7
Enable HTTPSserver on that interface:
[USG6300]interface GigabitEthernet 0/0/7
[USG6300-GigabitEthernet0/0/7]service-manage https permit
Create two administrator's accounts:
#
manager-user web_lab
password cipher %@%@`ruiCXfgEFCJGnNu0!
-
7/24/2019 Labnario Com(2)
2/5
#
role system-admin
description system-admin
dashboard read-write
monitor read-write
policy read-write
object read-write
network read-write
system read-write
#
role web_lab
dashboard none
monitor
read-only session statistic statistic-acl
none packet-capture diagnose
policy none
object none
network none
system none
#
Then we can bind our administrators to properly defined roles:
[USG6300-aaa]bind manager-user web_lab role system-admin
[USG6300-aaa]bind manager-user web_lab_2 role web_lab
Enable HTTPSserver with default certificate and set the service port:
[USG6300]web-manager enable
Enable http server successfully !
[USG6300]web-manager security enable port 8443
Enable http security-server successfully ! web-manager
Let's verify what will happen if we use both accounts to get to GU IGU I of the firewallfirewall .
Open a browser and enter https://172.16.1.1:8443.
converted by Web2PDFConvert.com
http://www.web2pdfconvert.com/?ref=PDFhttp://www.web2pdfconvert.com/?ref=PDFhttp://localhost/var/www/apps/conversion/tmp/scratch_7/images/2015/webUI_web_lab_user_2.png -
7/24/2019 Labnario Com(2)
3/5
As you can notice, the access varies depending on the assigned role for administrators.
Tags: Huawei firewall, Secospace USG6300, HTTPS, GUI of USG6300
converted by Web2PDFConvert.com
http://www.web2pdfconvert.com/?ref=PDFhttp://www.web2pdfconvert.com/?ref=PDFhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/component/tags/tag/147-gui-of-usg6300http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/component/tags/tag/146-httpshttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/component/tags/tag/143-secospace-usg6300http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/component/tags/tag/119-huawei-firewallhttp://localhost/var/www/apps/conversion/tmp/scratch_7/images/2015/webUI_web_lab_2_user_2.png -
7/24/2019 Labnario Com(2)
4/5
Powered by Komento
Submit CommentSubmit Comment
COMMENTS
No comments foundNo comments found
LEAVEYOUR COMMENTS
Post comment as a guest
Your comments are subjected to administrator's moderation.
Sort by Oldest First Sort by Latest First
Login to post a comment
LoginRemember me
Register Forgot password
Name (Required):
Email:
Website:
0
Agree toterms and condition.
Categories
Basic Conguration
Cheat Sheets
Username Password
converted by Web2PDFConvert.com
http://www.web2pdfconvert.com/?ref=PDFhttp://www.web2pdfconvert.com/?ref=PDFhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/27-labnario/cheat-sheetshttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/10-labnario/basic-configurationhttp://stackideas.com/http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/component/users/?view=resethttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/component/users/?view=registration -
7/24/2019 Labnario Com(2)
5/5
Command Line
Ethernet
FAQ
General
How To
IP Routing
IP Services
Multicast
QoS
ReliabilitySecurity
System Management
VPN
WAN
Latest Posts
NAT server on Huawei USG5500
outbound NAT on Huawei USG5500
https--->webUI--->Huawei Secospace USG6300
VTY access to Secospace USG6300
CPU usage alarm threshold
Powered by Warp Theme Framework
Built with HTML5 and CSS3
- Copyright 2014 Labnario
converted by Web2PDFConvert com
http://www.web2pdfconvert.com/?ref=PDFhttp://www.web2pdfconvert.com/?ref=PDFhttp://www.yootheme.com/http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/11-labnario/command-line/174-cpu-usage-alarm-thresholdhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/23-labnario/security/175-ways-of-access-to-secospace-usg6300http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/23-labnario/security/177-outbound-nat-on-huawei-usg5500http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/23-labnario/security/178-nat-server-on-huawei-usg5500http://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/26-labnario/wanhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/25-labnario/vpnhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/24-labnario/system-managementhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/23-labnario/securityhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/22-labnario/reliabilityhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/21-labnario/qoshttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/28-labnario/multicasthttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/20-labnario/ip-serviceshttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/19-labnario/ip-routinghttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/18-labnario/how-tohttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/17-labnario/generalhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/16-labnario/faqhttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/15-labnario/ethernethttp://localhost/var/www/apps/conversion/tmp/scratch_7/index.php/11-labnario/command-line