VRP基础命令
1.查看显示的时间(管理模式下也可以)
[R1]dis clock
2020-11-04 12:25:55
Wednesday
Time Zone(China-Standard-Time) : UTC-08:00
2.修改时区
<R1>clock timezone beijin add 10:00:00
<R1>dis clock
2020-11-03 18:28:51
Tuesday
Time Zone(beijin) : UTC+10:00
1、设置时区为北京:
<Huawei>clock timezone bj add 08:00 #增加偏移8个时区,用户视图下配置
<R2>dis clock
2020-10-01 10:02:39
Thursday
Time Zone(China-Standard-Time) : UTC-08:00
<R2>clock timezone beijin add 8:00:00 <R2>dis clock 2020-09-30 18:03:43 Wednesday Time Zone(beijin) : UTC+08:00
3.修改系统时间
<R2>dis clock
2020-11-04 12:32:19
Wednesday
Time Zone(China-Standard-Time) : UTC-08:00
<R2>clock datetime 10:00:00 2020-10-01 <R2>dis clock 2020-10-01 10:00:04 Thursday Time Zone(China-Standard-Time) : UTC-08:00
4.重启网络设备
<R1>reboot
Info: The system is comparing the configuration, please wait.
Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:y
5.保存配置
save
1.进入指定端口
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]
2.查看设备的所有接口
[R2]dis int brief
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(b): BFD down
^down: standby
(e): ETHOAM down
(d): Dampening Suppressed
InUti/OutUti: input utility/output utility
Interface PHY Protocol InUti OutUti inErrors outErrors
Ethernet0/0/0 down down 0% 0% 0 0
Ethernet0/0/1 down down 0% 0% 0 0
Ethernet0/0/2 down down 0% 0% 0 0
Ethernet0/0/3 down down 0% 0% 0 0
Ethernet0/0/4 down down 0% 0% 0 0
Ethernet0/0/5 down down 0% 0% 0 0
Ethernet0/0/6 down down 0% 0% 0 0
Ethernet0/0/7 down down 0% 0% 0 0
GigabitEthernet0/0/0 up down 0% 0% 0 0
GigabitEthernet0/0/1 down down 0% 0% 0 0
NULL0 up up(s) 0% 0% 0 0
3.打开接口
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]undo shutdown
Info: Interface GigabitEthernet0/0/0 is not shutdown.
4.IP地址配置错误处理方法
删除 undo,在原来配置的基础上加undo,有时候undo删不掉,它会提示,把后面的东西去掉就可以了
[R2-GigabitEthernet0/0/0]ip add 192.168.1.2 24 [R2-GigabitEthernet0/0/0]dis this [V200R003C00] # interface GigabitEthernet0/0/0 ip address 192.168.1.2 255.255.255.0 # return [R2-GigabitEthernet0/0/0]undo ip add 192.168.1.2 24 Sep 30 2020 18:27:15+08:00 R2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP on the interface GigabitEthernet0/0/0 has entered the DOWN state. [R2-GigabitEthernet0/0/0]dis this [V200R003C00] # interface GigabitEthernet0/0/0 # return
5.配置标题的消息
[R2]header shell information "baba"
[R2]q
<R2>q
Configuration console exit, please press any key to log on
baba
6.查看当前设备设置的内容
[R2]dis curr
[V200R003C00]
#
sysname R2
header shell information "baba"
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone beijin add 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
#
interface NULL0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
7.查看使用过的命令【默认保存记录10条】
[R2]dis history-command
dis curr
sys
修改默认的命令使用历史记录
8.清除接口配置命令
[SW3]clear configuration interface g0/0/2
Warning: All configurations of the interface will be cleared, and its state will be shutdown. Continue? [Y/N] :y
查询交换机的mac地址
[sw1]dis bridge mac-address
System bridge MAC address: 4c1f-cc29-383c
console的号码是0
1.1怎么进入console
[R2]user-interface con 0
[R2-ui-console0]
1.2设置console的密码
[R2-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):123
[R2]q <R2>q Configuration console exit, please press any key to log on Login authentication Password: Password: baba <R2>
2.1怎么进入console
[R2]user-interface con 0
[R2-ui-console0]
2.2使用AAA的方式进行认证
[R2]user-int con 0
[R2-ui-console0]auth
[R2-ui-console0]authentication-mode aaa
[R2-ui-console0]aaa
[R2-aaa]
2.3配置用户名和密码
[R2-aaa]local-user 123 password cipher 123
Info: Add a new user.
[R2]q <R2>q Configuration console exit, please press any key to log on Login authentication Username:123 Password: baba <R2>
正常是要设置超时时间的
[R2]user-int con 0
[R2-ui-console0]id
[R2-ui-console0]idle-timeout 0
前提条件,两个设备要有联系性
要在用户视图模式下使用telnet命令
使用直连的方式配置 telnet
这里的0 4 代表连接上来的人数,一共5个人,比如一个人就是user-int vty 0
[R1]user-int vty 0 4
[R1-ui-vty0-4]
[R1-ui-vty0-4]authentication-mode password
Please configure the login password (maximum length 16):123
<R1>q Configuration console exit, please retry to log on The connection was closed by the remote host <R2>telnet 192.168.1.1 Press CTRL_] to quit telnet mode Trying 192.168.1.1 ... Connected to 192.168.1.1 ... Login authentication Password: <R1>
使用aaa认证的方式配置telnet
2
[R2]user-int vty 0 4
[R2-ui-vty0-4]authentication-mode aaa [R2-ui-vty0-4]aaa [R2-aaa]local-user 123 password cipher 123 Info: Add a new user.
2.3使用另一个设备进行测试
<R1>telnet 192.168.1.2 Press CTRL_] to quit telnet mode Trying 192.168.1.2 ... Connected to 192.168.1.2 ... Login authentication Username:123 Password: <R2>
但是我们会发现,我们什么都操作不了,因为没有权限,华为一共有15个权限
<R1>sys
^
Error: Unrecognized command found at '^' position.
0-1权限都进入不了用户管理模式
2权限是无法使用user-inst
修改级别【比如把vty0 4的用户权限修改为3】
[R2-ui-vty0-4]user privilege level 3
<R1>telnet 192.168.1.2
Press CTRL_] to quit telnet mode
Trying 192.168.1.2 ...
Connected to 192.168.1.2 ...
Login authentication
Username:123
Password:
-----------------------------------------------------------------------------
User last login information:
-----------------------------------------------------------------------------
Access Type: Telnet
IP-Address : 192.168.1.1
Time : 2020-11-05 10:23:15-08:00
-----------------------------------------------------------------------------
<R2>sys
Enter system view, return user view with Ctrl+Z.
[R2]
创建本地用户并修改认证权限
[R1]user-int vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]aaa
[R1-aaa]local-user 21 password cipher 21 privilege level 3
Info: Add a new user.
另一台进行测试权限
<R2>telnet 192.168.1.1 Press CTRL_] to quit telnet mode Trying 192.168.1.1 ... Connected to 192.168.1.1 ... Login authentication Username:21 Password: <R1>sys Enter system view, return user view with Ctrl+Z. [R1]
修改已用用户的权限
[R2-aaa]local-user 123 privilege level 4
如果配置的用户无法使用telnet连接
配置本地用户xxx的接入类型为telnet
[R2-aaa]local-user 123 service-type telnet
[R2-aaa]dis this
[V200R003C00]
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user 123 password cipher %$%$La|65ufDo"k<@_4M~ug7[Utk%$%$
local-user 123 privilege level 4
local-user 123 service-type telnet
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
return
SSH连接的方式
1.1开启ssh认证
[R1]stelnet server enable
Info: Succeeded in starting the STELNET server.
1.2配置vty用户只支持ssh协议
[R1-ui-vty0-4]protocol inbound ssh
1.3配置认证用户和密码,级别
[R1-ui-vty0-4]authentication-mode aaa [R1-ui-vty0-4]aaa [R1-aaa]local-user kk password cipher 1 privilege level 3 Info: Add a new user.
1.4配置用户属于哪个协议
[R1-aaa]local-user kk service-type ssh
[R1-aaa]dis this
[V200R003C00]
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user 21 password cipher %$%$xKcOAG|)v:bFqH#RwaaV[f29%$%$
local-user 21 privilege level 3
local-user kk password cipher %$%$tSD(@fO$j/j2lk3Cwq#$]CmQ%$%$
local-user kk privilege level 3
local-user kk service-type ssh
1.5服务端R1创建秘钥对
[R1]rsa local-key-pair create
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
.....++++++++++++
.......++++++++++++
..............................++++++++
....................++++++++
[R1]
1.6客户端下载公钥
[R2]ssh client first-time enable
1.7,R2使用ssh协议连接R1
[R2]stelnet 192.168.1.1
Please input the username:kk
Trying 192.168.1.1 ...
Press CTRL+K to abort
Connected to 192.168.1.1 ...
Enter password:
-----------------------------------------------------------------------------
User last login information:
-----------------------------------------------------------------------------
Access Type: SSH
IP-Address : 192.168.1.2 ssh
Time : 2020-11-05 16:22:50-08:00
-----------------------------------------------------------------------------
<R1>

评论