目录
一,基础配置
1,配置模式的切换
用户视图进入系统视图
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]
退出系统视图
[Huawei]quit
<Huawei>
?可以显示当前页面可执行的所有命令
<Huawei>?
User view commands:
arp-ping ARP-ping
autosave <Group> autosave command group
backup Backup information
cd Change current directory
clear <Group> clear command group
clock Specify the system clock
cls Clear screen
compare Compare configuration file
copy Copy from one file to another
debugging <Group> debugging command group
delete Delete a file
dialer Dialer
dir List files on a filesystem
display Display information
factory-configuration Factory configuration
fixdisk Try to restory disk
format Format file system
free Release a user terminal interface
ftp Establish an FTP connection
help Description of the interactive help system
hwtacacs-user HWTACACS user
license <Group> license command group
lldp Link Layer Discovery Protocol
---- More ----
tab可自动补全命令
<Huawei>sys
<Huawei>system-view
2,配置主机名
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]
3,配置console线路登录
设备管理方式有两种
本地管理,和远程管理
本地管理又分为aaa和password这两种登录方式
password
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
进入console口
[R1]user-interface console 0
开启password
[R1-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):huawei123
[R1]quit
<R1>q
Configuration console exit, please press any key to log on
Login authentication
Password:
aaa登录
aaa登录的方式需要为设备配置账号密码
可以为不同的账号分配不同的等级,不同的等级也对应这不同的权限
0级权限-游客级
1级权限-监控级
2级权限-配置级
[Huawei]sys R1
[R1]user-int con 0
[R1-ui-console0]au
[R1-ui-console0]authentication-mode aaa 创建aaa视图
[R1-ui-console0]q
[R1]aaa
[R1-aaa]local-user user1 password cipher huawei123 创建用户
Info: Add a new user.
[R1-aaa]local-user user2 password cipher huawei456
Info: Add a new user.
[R1-aaa]local-user user3 password cipher huawei789
Info: Add a new user.
[R1-aaa]local-user user1 privilege level 0 为其赋权
[R1-aaa]local-user user1 privilege level 1
[R1-aaa]local-user user1 privilege level 2
[R1-aaa]
4,配置接口ip
R1配置
The device is running!
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys R1
[R1]interface GigabitEthernet 0/0/0 进入需要配置的接口视图
[R1-GigabitEthernet0/0/0]ip add
[R1-GigabitEthernet0/0/0]ip address 12.1.1.1 24 配置ip地址与子网掩码
Nov 22 2022 09:19:13-08:00 R1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[R1-GigabitEthernet0/0/0]q
[R1]dis
[R1]display ip interface brief 查看ip信息
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R1]q
<R1>
R2配置
The device is running!
<Huawei>SYS
Enter system view, return user view with Ctrl+Z.
[Huawei]SYS R2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.1.1.2 24
Nov 22 2022 09:20:31-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[R2-GigabitEthernet0/0/0]q
[R2]dis ip in b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R2]ping 12.1.1.1 使用ping命令测试设备连通性
PING 12.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 12.1.1.1: bytes=56 Sequence=1 ttl=255 time=90 ms
Reply from 12.1.1.1: bytes=56 Sequence=2 ttl=255 time=20 ms
Reply from 12.1.1.1: bytes=56 Sequence=3 ttl=255 time=10 ms
Reply from 12.1.1.1: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 12.1.1.1: bytes=56 Sequence=5 ttl=255 time=10 ms
--- 12.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/28/90 ms
[R2]
5,配置vty线路远程登录
vty线路可允许多人同时访问登录,而console线路只能允许一人听同时登录访问。
telnet登录
R1配置
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 12.1.1.1 24
[R1-GigabitEthernet0/0/0]
Nov 22 2022 09:31:42-08:00 R1 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[R1-GigabitEthernet0/0/0]q
[R1]dis ip in b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R1]q
R2配置
The device is running!
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys R2
[R2]dis ip in b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned up down
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.1.1.2 24
Nov 22 2022 09:32:25-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[R2-GigabitEthernet0/0/0]q
[R2]dis ip in b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R2]user-interface vty ?
INTEGER<0-4,16-20> The first user terminal interface to be configured
[R2]user-interface vty 0 4
[R2-ui-vty0-4]auth
[R2-ui-vty0-4]authentication-mode aaa 创建用户
[R2-ui-vty0-4]q
[R2]local
[R2]aaa
[R2-aaa]local-user user-r1 password cipher huawei123 创建用户
Info: Add a new user.
[R2-aaa]local-user user-r1 privilege level 2 赋权
[R2-aaa]local-user user-r1 service-type ?
8021x 802.1x user
bind Bind authentication user
ftp FTP user
http Http user
ppp PPP user
ssh SSH user
sslvpn Sslvpn user
telnet Telnet user
terminal Terminal user
web Web authentication user
x25-pad X25-pad user
[R2-aaa]local-user user-r1 service-type te
[R2-aaa]local-user user-r1 service-type terminal
[R2-aaa]local-user user-r1 service-type telnet 本地用户user-r1 服务类型telnet
[R2-aaa]q
[R2]
ssh登录
R2配置
配置ip
[R2]dis ip in b
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 2
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R2]stelnet server enable 开启ssh协议
Info: Succeeded in starting the STELNET server.
[R2]rsa local-key-pair create 创建加密报文的密匙对
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
.........................++++++
............................................................++++++
.....++++++++
.......++++++++
[R2-aaa]local-user caixukun password cipher jntm
Info: Add a new user.
[R2-aaa]local-user caixukun password
[R2-aaa]local-user caixukun privilege l
[R2-aaa]local-user caixukun privilege level 2
[R2-aaa]local-user caixukun service-type ssh
[R2-aaa]q
[R2]user-in v
[R2]user-in vty 0 4
[R2-ui-vty0-4]auth
[R2-ui-vty0-4]authentication-mode aaa
[R2-ui-vty0-4]pr
[R2-ui-vty0-4]protocol in ssh 开启vty线路的ssh访问功能
[R2]ssh user caixukun authentication-type all 定义ssh用户的认证模式
Authentication type setted, and will be in effect next time
[R2]
Nov 22 2022 09:54:26-08:00 R2 %%01SSH/4/SSH_FAIL(l)[1]:Failed to log in through
SSH. (Ip=12.1.1.1, UserName=caixukun, Times=16777216).
[R2]
R1配置
配置ip
[R1]stelnet 12.1.1.2 登录
Please input the username:caixukun
Trying 12.1.1.2 ...
Press CTRL+K to abort
Connected to 12.1.1.2 ...
The server is not authenticated. Continue to access it? (y/n)[n]:y
Nov 22 2022 09:54:24-08:00 R1 %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[1]:The server ha
d not been authenticated in the process of exchanging keys. When deciding whethe
r to continue, the user chose Y.
[R1]
Save the server's public key? (y/n)[n]:y
The server's public key will be saved with the name 12.1.1.2. Please wait...
Nov 22 2022 09:54:26-08:00 R1 %%01SSH/4/SAVE_PUBLICKEY(l)[2]:When deciding wheth
er to save the server's public key 12.1.1.2, the user chose Y.
[R1]
Enter password:
<R2>
<R2>
<R2>sys
Enter system view, return user view with Ctrl+Z.
[R2]sys dingzhne 修改R2用户名
[dingzhne]sys dingzhen
[dingzhen]
查看
6,了解设备配置文件
<Huawei>dir 查看系统文件
Directory of flash:/
Idx Attr Size(Byte) Date Time(LMT) FileName
0 drw- - Oct 17 2022 08:42:53 dhcp
1 -rw- 121,802 May 26 2014 09:20:58 portalpage.zip
2 -rw- 2,263 Oct 17 2022 08:42:47 statemach.efs
3 -rw- 828,482 May 26 2014 09:20:58 sslvpn.zip
1,090,732 KB total (784,464 KB free)
<Huawei>display current-configuration 查看运行配置文件
[V200R003C00]
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http