华为VRP系统基础
来自Linux78|wiki
配置设备console密码、主机名、时间、时区、baner
[Huawei]sysname R1 ===配置主机名 [R1]header login information “Welcome to R” ====配置登录banner,如telnet等 [R1]header shell information “Welcome to HW” ====配置登录banner,如console [R1]user-interface console 0====进入console口,默认无密码 [R1-ui-console0]authentication-mode password Please configure the login password (maximum length 16):5 ====选择密码长度 [R1-ui-console0]set authentication password cipher cisco ====配置一个密文形式密码(可以选择明文,命令为simple) [R1-ui-console0]idle-timeout 3 20 ====配置空闲超时时间3分20秒,默认10分钟 quit Configuration console exit, please press any key to log on Welcome to R Login authentication Password: Welcome to HW display clock ====显示系统时间 clock timezone GMT add 08:00:00 ====配置系统时区,中国为+8区 clock datetime 22:59:00 2014-05-11 ====配置系统时间 [R1]super password cipher 123456 ====配置密文super密码,防止非法用户权限提升 [R1]display current-configuration | include super ====显示super密码配置 super password level 3 cipher %$%$$#q^6$-.B<#>7NFN%4″D,&Qs%$% $
配置接口地址与telnet、SSH
[R1]display ip interface brief ====查看接口状态 [R1]display interface g0/0/0 ====查看接口详细信息 [R1]interface g0/0/0 ====进入接口模式(注:默认接口状态为UP,可以使用命令shutdown关闭接口,用restart命令开启) [R1-GigabitEthernet0/0/0]ip address 202.100.1.1 255.255.255.0
telnet 配置【基于密码与用户名密码2种方式】
[R1]user-interface vty 0 4 ====进入线下模式 [R1-ui-vty0-4]set authentication password cipher cisco ====配置加密密码为cisco display telnet server status ====查看telnet server状态 TELNET IPV4 server :Enable TELNET IPV6 server :Enable TELNET server port :23 display users ====查看telnet会话信息
配置用户名+密码认证方式
[R1]user-interface vty 0 4 [R1-ui-vty0-4]authentication-mode aaa [R1-ui-vty0-4]quit [R2]aaa [R2-aaa]local-user cisco password cipher cisco privilege level 15 [R2-aaa]local-user cisco service-type telnet
SSH配置
[R1]rsa local-key-pair create ====生成RSA密钥 [R1]display rsa local-key-pair public ====查看生成RSA密钥 [R1]user-interface vty 0 4 [R1-ui-vty0-4]authentication-mode aaa [R1-ui-vty0-4]protocol inbound ssh [R1-ui-vty0-4]quit [R1]aaa [R1-aaa]local-user sshuser password cipher cisco ====创建SSH登陆用户名与密码 Info: Add a new user. [R1-aaa]local-user sshuser service-type ssh [R1-aaa]quit [R1-aaa]local-user sshuser privilege level 15 [R1]stelnet server enable ====启用Stelnet功能 Info: Succeeded in starting the STELNET server. [R1]ssh user sshuser authentication-type password ====配置SSH登陆用户名服务类型 Authentication type setted, and will be in effect next time [R1]display ssh server status ====查看SSH服务状态 [R1]display ssh user-information ====查看SSH登陆用户状态
查看、保存、清空、重启路由器
[R1]display current-configuration ====查看路由器当前配置信息 [R1]save ====保存路由器当前配置信息 The current configuration will be written to the device. Are you sure to continue? (y/n)[n]:y It will take several minutes to save configuration file, please wait…… Configuration file had been saved successfully Note: The configuration file will take effect after being activated startup saved-configuration iascfg.zip ====配置下次启动加载配置文件 This operation will take several minutes, please wait……… Info: Succeeded in setting the file for booting system display startup ====查看下次启动加载配置文件 MainBoard: Startup system software: sd1:/ar2220_V200R001C01SPC300.cc Next startup system software: sd1:/ar2220_V200R001C01SPC300.cc Backup system software for next startup: null Startup saved-configuration file: null Next startup saved-configuration file: sd1:/iascfg.zip Startup license file: null Next startup license file: null reset saved-configuration ====清空配置 This will delete the configuration in the flash memory. The device configurations will be erased to reconfigure. Are you sure? (y/n)[n]:y Clear the configuration in the device successfully. reboot ====重启路由器 Info: The system is comparing the configuration, please wait. Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:n 这里选择不保存,否则配置又存在了 System will reboot! Continue ? [y/n]:y Info: system is rebooting ,please wait..
