华为路由交换由浅入深系列(一):带你认识华为VRP系统【基本配置,Telnet SSH 查看、保存、清空、重启路由器配置等】 | 网络之路博客(公众号同名)(其他平台网络之路Blog)
登录
  • 欢迎网络之路博客网站,分享有用的知识点,公众号:网络之路博客,B站:网络之路Blog
  • 如果您觉得本站对您有帮助,那么赶紧使用Ctrl+D 收藏吧,支持我们下
  • 远程技术支持的淘宝店铺已经开张了哦,传送门:需要的朋友可以点击查看

华为路由交换由浅入深系列(一):带你认识华为VRP系统【基本配置,Telnet SSH 查看、保存、清空、重启路由器配置等】

【汇总】华为路由交换由浅入深系列

文档帖子汇总学习视频实战系列学习必备软件
    博主也只是业余时间写写技术文档,请大家见谅,大家觉得不错的话,可以推荐给朋友哦,博主会努力推出更好的系列文档的。如果大家有任何疑问或者文中有错误跟疏忽的地方,欢迎大家留言指出,博主看到后会第一时间修改,谢谢大家的支持,更多技术文章尽在网络之路博客,http://ccieh3c.com

说明

1.如何通过console口连接路由器
2.配置设备console密码、主机名、时间、时区、banner、Super密码
3.配置接口地址与telnetSSH
4.查看、保存、清空、重启路由器

实验拓扑如下:

vlan

一、如何通过console口连接路由器

用console线缆将笔记本连接到路由器的Console口,然后通过CRT软件进行连接,如下图:

vlan

在输入信息后输入“?”可查看以输入的字母开头的命令。如输入“dis?”,设备将输出所有以dis开头的命令。
在输入的信息后增加空格,再输入“?”,这时设备将尝试识别输入的信息对应的命令,然后输出该命令的其他参数。例如输入“dis ?”,如果只有display命令是以dis开头的,那举设备将输出display命令的参数,如上所示;如果以dis开头的命令还有其他的,设备将报错。
另外可以使用键盘上Tab键补全命令,比如键入“dis”后,按键盘“Tab”键可以将命令补全为“display”。如有多个以“dis”开头的命令存在,则在多个命令间循环切换。
命令在不发生歧的情况下可以使用简写,如“display”可以简写为“dis”或“disp”等,“interface”可以简写为“int”或“inter”等。

?
User view commands:
arp-ping ARP-ping
autosave autosave command group
backup Backup information
cd Change current directory
clear clear command group
clock Specify the system clock
cls Clear screen
compare Compare configuration file
copy Copy from one file to another
debugging debugging command group
delete Delete a file
dialer Dialer
dir List files on a filesystem
display Display information
factory-configuration Factory configuration

display ?
Cellular Cellular interface
aaa AAA
access-user User access
accounting-scheme Accounting scheme
acl acl command group
actual Current actual
adp-ipv4 Ipv4 information
adp-mpls Adp-mpls module
alarm Alarm
antenna Current antenna that outputting radio
anti-attack Specify anti-attack configurations
ap ap command group

display version =====显示设备版本号、型号、启动时间
Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.130 (AR2200 V200R003C00)
Copyright (C) 2011-2012 HUAWEI TECH CO., LTD
Huawei AR2220 Router uptime is 0 week, 0 day, 0 hour, 7 minute
BKP 0 version information:
1. PCB Version : AR01BAK2A VER.NC
2. If Supporting PoE : No
3. Board Type : AR2220
4. MPU Slot Quantity : 1
5. LPU Slot Quantity : 6

MPU 0(Master) : uptime is 0 week, 0 day, 0 hour, 0 minute
MPU version information :
1. PCB Version : AR01SRU2A VER.A
2. MAB Version : 0
3. Board Type : AR2220
4. BootROM Version : 0

二、配置设备console密码、主机名、时间、时区、baner

system-view ====进入系统视图(相当于思科的全局配置模式)
Enter system view, return user view with Ctrl+Z.
[Huawei]
[Huawei]quit or return ====退出系统视图

[Huawei]sysname R1 ===配置主机名
[R1]header login information “Welcome to R” ====配置登录banner,如telnet
[R1]header shell information “Welcome to HW” ====配置登录banner,如console
quit
Configuration console exit, please press any key to log on
Welcome to HW

[R1]user-interface console 0====进入console口,默认无密码
[R1-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):5 ====选择密码长度
[R1-ui-console0]set authentication password cipher cisco ====配置一个密文形式密码(可以选择明文,命令为simple)
[R1-ui-console0]idle-timeout 3 20 ====配置空闲超时时间3分20秒,默认10分钟

quit
Configuration console exit, please press any key to log on
Welcome to R
Login authentication
Password:
Welcome to HW

display clock ====显示系统时间
2014-05-11 20:02:17
Sunday
Time Zone(Indian Standard Time) : UTC-05:13
Daylight saving time :
Name : Day Light Saving Time
Repeat mode : repeat
Start year : 2005
End year : 2005
Start time : 09-01 12:32:05
End time : 11-23 12:32:05
Saving time : 00:00:00

clock timezone GMT add 08:00:00 ====配置系统时区,中国为+8区
clock datetime 22:59:00 2014-05-11 ====配置系统时间

[R1]super password cipher ccieh3c.taobao.com ====配置密文super密码,防止非法用户权限提升
[R1]display current-configuration | include super ====显示super密码配置
super password level 3 cipher %$%$$#q^6$-.B<#>7NFN%4″D,&Qs%$%$

三、配置接口地址与telnetSSH

[R1]display ip interface brief ====查看接口状态
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 1
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3

Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned down down
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)

R1]display interface g0/0/0 ====查看接口详细信息
GigabitEthernet0/0/0 current state : DOWN
Line protocol current state : DOWN
Description:HUAWEI, AR Series, GigabitEthernet0/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
IP Sending Frames’ Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fcb9-1ed3
Last physical up time : –
Last physical down time : 2014-05-11 19:24:17 UTC-05:13
Current system time: 2014-05-11 23:14:22
Port Mode: FORCE COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec,Record time: –
Output peak rate 0 bits/sec,Record time: –

Input: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%

[R1]interface g0/0/0 ====进入接口模式(注:默认接口状态为UP,可以使用命令shutdown关闭接口,用restart命令开启)
[R1-GigabitEthernet0/0/0]ip address 202.100.1.1 255.255.255.0
display ip int bri
GigabitEthernet0/0/0 202.100.1.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)

[R1-GigabitEthernet0/0/0]ping 202.100.1.2
PING 202.100.1.2: 56 data bytes, press CTRL_C to break
Reply from 202.100.1.2: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 202.100.1.2: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 202.100.1.2: bytes=56 Sequence=3 ttl=255 time=10 ms
Reply from 202.100.1.2: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 202.100.1.2: bytes=56 Sequence=5 ttl=255 time=20 ms
— 202.100.1.2 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/14/20 ms

telnet 配置【基于密码与用户名密码2种方式】

[R1]user-interface vty 0 4 ====进入线下模式
[R1-ui-vty0-4]set authentication password cipher cisco ====配置加密密码为cisco
display telnet server status ====查看telnet server状态
TELNET IPV4 server :Enable
TELNET IPV6 server :Enable
TELNET server port :23

telnet 202.100.1.1
Press CTRL_] to quit telnet mode
Trying 202.100.1.1 …
Connected to 202.100.1.1 …
Welcome to R
Login authentication
Password:
Welcome to HW

super
Password:
Now user privilege is level 3, and only those commands whose level is
equal to or less than this level can be used.
Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE
system-view
Enter system view, return user view with Ctrl+Z.
[R1]
display users ====查看telnet会话信息
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 pass
Username : Unspecified
129 VTY 0 00:03:10 TEL 202.100.1.2 pass
Username : Unspecified

配置用户名+密码认证方式
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]quit
[R1]
[R2]aaa
[R2-aaa]local-user cisco password cipher cisco privilege level 15
[R2-aaa]local-user cisco service-type telnet

telnet 202.100.1.2
Press CTRL_] to quit telnet mode
Trying 202.100.1.2 …
Connected to 202.100.1.2 …
Login authentication
Username:cisco
Password:

display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 pass
Username : Unspecified
129 VTY 0 00:00:04 TEL 202.100.1.1 pass
Username : cisco
SSH配置:
[R1]rsa local-key-pair create ====生成RSA密钥
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys…
……………………………………………………………………..
[R1]display rsa local-key-pair public ====查看生成RSA密钥
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]protocol inbound ssh
[R1-ui-vty0-4]quit
[R1]aaa
[R1-aaa]local-user sshuser password cipher cisco ====创建SSH登陆用户名与密码
Info: Add a new user.
[R1-aaa]local-user sshuser service-type ssh
[R1-aaa]quit
[R1-aaa]local-user sshuser privilege level 15
[R1]stelnet server enable ====启用Stelnet功能
Info: Succeeded in starting the STELNET server.
[R1]ssh user sshuser authentication-type password ====配置SSH登陆用户名服务类型
Authentication type setted, and will be in effect next time

[R1]display ssh server status ====查看SSH服务状态
SSH version :1.99
SSH connection timeout :60 seconds
SSH server key generating interval :0 hours
SSH Authentication retries :3 times
SFTP Server :Disable
Stelnet server :Enable

[R1]display ssh user-information ====查看SSH登陆用户状态
——————————————————————————-
Username Auth-type User-public-key-name
——————————————————————————-
sshuser password null
——————————————————————————-

四、查看、保存、清空、重启路由器

[R1]display current-configuration ====查看路由器当前配置信息
[V200R003C00]
#
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone Indian Standard Time minus 05:13:20
clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23 00:00 2005 2005
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
super password level 3 cipher %$%$]D2y,T`vUM+R%[‘e&R+X,$rv%$%$
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user sshuser password cipher %$%$b~9\MKg6BVf(QZ$)&iATV6Y1%$%$
local-user sshuser privilege level 15
local-user sshuser service-type ssh
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
stelnet server enable
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
user-interface vty 16 20
#
wlan ac
#
return
[R1]

save ====保存路由器当前配置信息
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait……
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated

startup saved-configuration iascfg.zip ====配置下次启动加载配置文件
This operation will take several minutes, please wait………
Info: Succeeded in setting the file for booting system

display startup ====查看下次启动加载配置文件
MainBoard:
Startup system software: sd1:/ar2220_V200R001C01SPC300.cc
Next startup system software: sd1:/ar2220_V200R001C01SPC300.cc
Backup system software for next startup: null
Startup saved-configuration file: null
Next startup saved-configuration file: sd1:/iascfg.zip
Startup license file: null
Next startup license file: null

reset saved-configuration ====清空配置
This will delete the configuration in the flash memory.
The device configurations will be erased to reconfigure.
Are you sure? (y/n)[n]:y
Clear the configuration in the device successfully.

reboot ====重启路由器
Info: The system is comparing the configuration, please wait.
Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:n 这里选择不保存,否则配置又存在了
System will reboot! Continue ? [y/n]:y
Info: system is rebooting ,please wait..

下载对应文档

百度盘下载博客资源汇总与学习思路
如果下载地址失效,请联系博主或者在下面留言,谢谢。下面也有其他您需要的资源推荐哦

关于博客资源下载说明

首先,感谢大家对网络之路博客的支持,本站所有资源都是开放下载,不做任何限制,资源都是上传在百度盘,分为两种类型:
(1)第一种是书籍PDF与视频类,全部放在博客分享,觉得对大家学习有帮助的博主会收集好、然后以博主的经验整理分类后排序好分享出来。
(2)第二种是技术性文章与视频,全部放在公众号(网络之路博客)/B站(网络之路Blog)发布,以博主原创为主,主要分享系列为主,由浅入深的带大家了解工作中常用到的一些网络技术,当然也会分享一些比较经典的案例。
(3)分享资源有涉及到您的利益以及版权问题,请联系博主,24小时候内删除。
想第一时间收到最新更新内容吗,点击获取~~~

点击查看详情

(广告)博主自主原创最新实战课程

点击查看详情


(广告)远程技术支持(设备调试),有搞不定的找我,价格实惠,为您解决实际工作上的问题

远程技术调试与技术支持,点击查看详情


原创与收集的内容,允许转载,转载时请务必以超链接形式标明文章原始出处,博客地址http://ccieh3c.com。

喜欢 (14)
[]
分享 (0)
公众号:网络之路博客(其他平台网络之路Blog)
分享一些自己懂的技术知识点,希望对大家有帮助。
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址