【汇总】华为路由交换由浅入深系列
说明
实验拓扑如下:
一、如何通过console口连接路由器
用console线缆将笔记本连接到路由器的Console口,然后通过CRT软件进行连接,如下图:
在输入信息后输入“?”可查看以输入的字母开头的命令。如输入“dis?”,设备将输出所有以dis开头的命令。
在输入的信息后增加空格,再输入“?”,这时设备将尝试识别输入的信息对应的命令,然后输出该命令的其他参数。例如输入“dis ?”,如果只有display命令是以dis开头的,那举设备将输出display命令的参数,如上所示;如果以dis开头的命令还有其他的,设备将报错。
另外可以使用键盘上Tab键补全命令,比如键入“dis”后,按键盘“Tab”键可以将命令补全为“display”。如有多个以“dis”开头的命令存在,则在多个命令间循环切换。
命令在不发生歧的情况下可以使用简写,如“display”可以简写为“dis”或“disp”等,“interface”可以简写为“int”或“inter”等。
?
User view commands:
arp-ping ARP-ping
autosave autosave command group
backup Backup information
cd Change current directory
clear clear command group
clock Specify the system clock
cls Clear screen
compare Compare configuration file
copy Copy from one file to another
debugging debugging command group
delete Delete a file
dialer Dialer
dir List files on a filesystem
display Display information
factory-configuration Factory configuration
display ?
Cellular Cellular interface
aaa AAA
access-user User access
accounting-scheme Accounting scheme
acl acl command group
actual Current actual
adp-ipv4 Ipv4 information
adp-mpls Adp-mpls module
alarm Alarm
antenna Current antenna that outputting radio
anti-attack Specify anti-attack configurations
ap ap command group
display version =====显示设备版本号、型号、启动时间
Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.130 (AR2200 V200R003C00)
Copyright (C) 2011-2012 HUAWEI TECH CO., LTD
Huawei AR2220 Router uptime is 0 week, 0 day, 0 hour, 7 minute
BKP 0 version information:
1. PCB Version : AR01BAK2A VER.NC
2. If Supporting PoE : No
3. Board Type : AR2220
4. MPU Slot Quantity : 1
5. LPU Slot Quantity : 6
MPU 0(Master) : uptime is 0 week, 0 day, 0 hour, 0 minute
MPU version information :
1. PCB Version : AR01SRU2A VER.A
2. MAB Version : 0
3. Board Type : AR2220
4. BootROM Version : 0
二、配置设备console密码、主机名、时间、时区、baner
system-view ====进入系统视图(相当于思科的全局配置模式)
Enter system view, return user view with Ctrl+Z.
[Huawei]
[Huawei]quit or return ====退出系统视图
[Huawei]sysname R1 ===配置主机名
[R1]header login information “Welcome to R” ====配置登录banner,如telnet等
[R1]header shell information “Welcome to HW” ====配置登录banner,如console
quit
Configuration console exit, please press any key to log on
Welcome to HW
[R1]user-interface console 0====进入console口,默认无密码
[R1-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):5 ====选择密码长度
[R1-ui-console0]set authentication password cipher cisco ====配置一个密文形式密码(可以选择明文,命令为simple)
[R1-ui-console0]idle-timeout 3 20 ====配置空闲超时时间3分20秒,默认10分钟
quit
Configuration console exit, please press any key to log on
Welcome to R
Login authentication
Password:
Welcome to HW
display clock ====显示系统时间
2014-05-11 20:02:17
Sunday
Time Zone(Indian Standard Time) : UTC-05:13
Daylight saving time :
Name : Day Light Saving Time
Repeat mode : repeat
Start year : 2005
End year : 2005
Start time : 09-01 12:32:05
End time : 11-23 12:32:05
Saving time : 00:00:00
clock timezone GMT add 08:00:00 ====配置系统时区,中国为+8区
clock datetime 22:59:00 2014-05-11 ====配置系统时间
[R1]super password cipher ccieh3c.taobao.com ====配置密文super密码,防止非法用户权限提升
[R1]display current-configuration | include super ====显示super密码配置
super password level 3 cipher %$%$$#q^6$-.B<#>7NFN%4″D,&Qs%$%$
三、配置接口地址与telnet、SSH
[R1]display ip interface brief ====查看接口状态
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 1
The number of interface that is DOWN in Physical is 3
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 3
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned down down
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
R1]display interface g0/0/0 ====查看接口详细信息
GigabitEthernet0/0/0 current state : DOWN
Line protocol current state : DOWN
Description:HUAWEI, AR Series, GigabitEthernet0/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
IP Sending Frames’ Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fcb9-1ed3
Last physical up time : –
Last physical down time : 2014-05-11 19:24:17 UTC-05:13
Current system time: 2014-05-11 23:14:22
Port Mode: FORCE COPPER
Speed : 1000, Loopback: NONE
Duplex: FULL, Negotiation: ENABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec,Record time: –
Output peak rate 0 bits/sec,Record time: –
Input: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%
[R1]interface g0/0/0 ====进入接口模式(注:默认接口状态为UP,可以使用命令shutdown关闭接口,用restart命令开启)
[R1-GigabitEthernet0/0/0]ip address 202.100.1.1 255.255.255.0
display ip int bri
GigabitEthernet0/0/0 202.100.1.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
NULL0 unassigned up up(s)
[R1-GigabitEthernet0/0/0]ping 202.100.1.2
PING 202.100.1.2: 56 data bytes, press CTRL_C to break
Reply from 202.100.1.2: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 202.100.1.2: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 202.100.1.2: bytes=56 Sequence=3 ttl=255 time=10 ms
Reply from 202.100.1.2: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 202.100.1.2: bytes=56 Sequence=5 ttl=255 time=20 ms
— 202.100.1.2 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/14/20 ms
telnet 配置【基于密码与用户名密码2种方式】
[R1]user-interface vty 0 4 ====进入线下模式
[R1-ui-vty0-4]set authentication password cipher cisco ====配置加密密码为cisco
display telnet server status ====查看telnet server状态
TELNET IPV4 server :Enable
TELNET IPV6 server :Enable
TELNET server port :23
telnet 202.100.1.1
Press CTRL_] to quit telnet mode
Trying 202.100.1.1 …
Connected to 202.100.1.1 …
Welcome to R
Login authentication
Password:
Welcome to HW
super
Password:
Now user privilege is level 3, and only those commands whose level is
equal to or less than this level can be used.
Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE
system-view
Enter system view, return user view with Ctrl+Z.
[R1]
display users ====查看telnet会话信息
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 pass
Username : Unspecified
129 VTY 0 00:03:10 TEL 202.100.1.2 pass
Username : Unspecified
配置用户名+密码认证方式
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]quit
[R1]
[R2]aaa
[R2-aaa]local-user cisco password cipher cisco privilege level 15
[R2-aaa]local-user cisco service-type telnet
telnet 202.100.1.2
Press CTRL_] to quit telnet mode
Trying 202.100.1.2 …
Connected to 202.100.1.2 …
Login authentication
Username:cisco
Password:
display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 pass
Username : Unspecified
129 VTY 0 00:00:04 TEL 202.100.1.1 pass
Username : cisco
SSH配置:
[R1]rsa local-key-pair create ====生成RSA密钥
The key name will be: Host
% RSA keys defined for Host already exist.
Confirm to replace them? (y/n)[n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys…
……………………………………………………………………..
[R1]display rsa local-key-pair public ====查看生成RSA密钥
[R1]user-interface vty 0 4
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]protocol inbound ssh
[R1-ui-vty0-4]quit
[R1]aaa
[R1-aaa]local-user sshuser password cipher cisco ====创建SSH登陆用户名与密码
Info: Add a new user.
[R1-aaa]local-user sshuser service-type ssh
[R1-aaa]quit
[R1-aaa]local-user sshuser privilege level 15
[R1]stelnet server enable ====启用Stelnet功能
Info: Succeeded in starting the STELNET server.
[R1]ssh user sshuser authentication-type password ====配置SSH登陆用户名服务类型
Authentication type setted, and will be in effect next time
[R1]display ssh server status ====查看SSH服务状态
SSH version :1.99
SSH connection timeout :60 seconds
SSH server key generating interval :0 hours
SSH Authentication retries :3 times
SFTP Server :Disable
Stelnet server :Enable
[R1]display ssh user-information ====查看SSH登陆用户状态
——————————————————————————-
Username Auth-type User-public-key-name
——————————————————————————-
sshuser password null
——————————————————————————-
四、查看、保存、清空、重启路由器
[R1]display current-configuration ====查看路由器当前配置信息
[V200R003C00]
#
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone Indian Standard Time minus 05:13:20
clock daylight-saving-time Day Light Saving Time repeating 12:32 9-1 12:32 11-23 00:00 2005 2005
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
super password level 3 cipher %$%$]D2y,T`vUM+R%[‘e&R+X,$rv%$%$
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user sshuser password cipher %$%$b~9\MKg6BVf(QZ$)&iATV6Y1%$%$
local-user sshuser privilege level 15
local-user sshuser service-type ssh
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
stelnet server enable
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
user-interface vty 16 20
#
wlan ac
#
return
[R1]
save ====保存路由器当前配置信息
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait……
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
startup saved-configuration iascfg.zip ====配置下次启动加载配置文件
This operation will take several minutes, please wait………
Info: Succeeded in setting the file for booting system
display startup ====查看下次启动加载配置文件
MainBoard:
Startup system software: sd1:/ar2220_V200R001C01SPC300.cc
Next startup system software: sd1:/ar2220_V200R001C01SPC300.cc
Backup system software for next startup: null
Startup saved-configuration file: null
Next startup saved-configuration file: sd1:/iascfg.zip
Startup license file: null
Next startup license file: null
reset saved-configuration ====清空配置
This will delete the configuration in the flash memory.
The device configurations will be erased to reconfigure.
Are you sure? (y/n)[n]:y
Clear the configuration in the device successfully.
reboot ====重启路由器
Info: The system is comparing the configuration, please wait.
Warning: All the configuration will be saved to the next startup configuration. Continue ? [y/n]:n 这里选择不保存,否则配置又存在了
System will reboot! Continue ? [y/n]:y
Info: system is rebooting ,please wait..
下载对应文档
关于博客资源下载说明
(1)第一种是书籍PDF与视频类,全部放在博客分享,觉得对大家学习有帮助的博主会收集好、然后以博主的经验整理分类后排序好分享出来。
(2)第二种是技术性文章与视频,全部放在公众号(网络之路博客)/B站(网络之路Blog)发布,以博主原创为主,主要分享系列为主,由浅入深的带大家了解工作中常用到的一些网络技术,当然也会分享一些比较经典的案例。
(3)分享资源有涉及到您的利益以及版权问题,请联系博主,24小时候内删除。
学习视频系列(总有您想要的)
Book与实验手册(从初级到高级)
数通系列(路由交换 无线、防火墙VPN等)
实战系列(最贴近企业需求的案例)
想第一时间收到最新更新内容吗,点击获取~~~
(广告)博主自主原创最新实战课程
(广告)远程技术支持(设备调试),有搞不定的找我,价格实惠,为您解决实际工作上的问题
