You can configure the HTTPS login to the web UI as follows: Note: If you only enable the web function by running web-manager enable but do not enable the HTTPS service by running web-manager security enable, you cannot log in to the device. 1. Networking requirement Configure a local authentication administrator webadmin for the NGFW and require that the administrator use HTTPS to log in to the web UI.
2. Configuration roadmap a. Configure the web service for the device and enable the HTTPS service on the interface to allow the administrator to use HTTPS to log in to the web UI. b. Create an administrator. 3. Operation procedure system-view a. Enable the web service. Enable HTTPS. [NGFW] web-manager security enable port 8443 Configure the timeout period for the web service. [NGFW] web-manager timeout 5 By default, the web service timeout period is 10 minutes. (Optional) Configure automatic web UI lockout upon 5 consecutive administrator login failures. Note: By default, the web UI will be added to the blacklist for 10 minutes (cannot be modified) after 3 consecutive authentication failures. [NGFW] firewall blacklist authentication-count login-failed 5 Configure the IP address on GigabitEthernet 1/0/3 and enable the HTTPS service. system-view [NGFW] interface GigabitEthernet 1/0/3 [NGFW-GigabitEthernet1/0/3] ip address 10.3.0.1 255.255.255.0 [NGFW-GigabitEthernet1/0/3] service-manage enable [NGFW-GigabitEthernet1/0/3] service-manage https permit [NGFW-GigabitEthernet1/0/3] quit Add the interface to the security zone. [NGFW] firewall zone trust [NGFW-zone-trust] add interface GigabitEthernet1/0/3 [NGFW-zone-trust] quit b. Create an administrator. Create an administrator and bind a role to it. [NGFW-aaa] manager-user webadmin [NGFW-aaa-manager-user-webadmin] password Enter Password: Confirm Password: [NGFW-aaa-manager-user-webadmin] service-type web [NGFW-aaa-manager-user-webadmin] access-limit 10 [NGFW-aaa-manager-user-webadmin] level 3 [NGFW-aaa-manager-user-webadmin] quit Log in to the NGFW on the administrator PC. Open the browser on the PC and access https://10.3.0.1:8443, the IP address of the device to be logged in to. On the login page, enter the administrator's user name and password, respectively webadmin and Myadmin@123, and click Enter to enter the web UI.
This fault occurs because the SSH permission of user support is disabled. The gateway of the storage device is not initialized. Execute /opt/HS/factory/scripts/n8000_init.sh on each node and set the gateway vendor to HWG using the serial ports. Then restart all nodes and perform the previous operation again.
If you have more questions, you can seek help from following ways:
