2013年8月14日星期三

Five ways to the Huawei switch Telnet settings

1 TELNET does not verify to the configuration
[SwitchA-ui-vty0-4]authentication-mode none BA2
2 TELNET password authentication to the configuration
1 into the user interface view
[SwitchA]user-interface vty 04
2 set the authentication mode password authentication method
[SwitchA-ui-vty0-4]authentication-mode password
3 setting the plaintext password
[SwitchA-ui-vty0-4]set authentication password simple Huawei
4 by default, can be accessed from the VTY user interface login commandlevel for the 0. Need to set the permissions of users is 3, the user can enter the system view to operate, or only 0 user permissions
[SwitchA-ui-vty0-4]user privilege level 3
3 TELNET local user name and password authentication to the configuration
1 into the user interface view
[SwitchA]user-interface vty 04
2 using the authentication-mode scheme command, said the need for local or remote user name and password authentication.
[SwitchA-ui-vty0-4]authentication-mode scheme
3 set the local user name and password
[SwitchA]local-user Huawei
[SwitchA-user-huawei]service-type telnet Level 3
[SwitchA-user-huawei]password simple Huawei
4 if TELNET does not change the logged on user permissions, user login isunable to enter the other views directly, you can set the super password, to control the user permission to enter the other view
[SwitchA]local-user Huawei
[SwitchA-user-huawei]service-type telnet
[SwitchA-user-huawei]password simple Huawei
[SwitchA]super password Level 3 simple Huawei
4 TELNET RADIUS authentication to the configuration
To use the Huawei development of the cams as the RADIUS server as an example
1 set TELNET login scheme
[SwitchA-ui-vty0-4]authentication-mode scheme
2 to configure RADIUS authentication scheme
[SwitchA]radius scheme cams
The 3 configuration RADIUS authentication server address 10.110.51.31
[SwitchA-radius-cams]primary authentication 10.110.51.31 1812
The 4 configuration RADIUS billing server address 10.110.51.31
[SwitchA-radius-cams]primary accounting 10.110.51.31 1813
The 5 configuration switches and authentication server authentication password
[SwitchA-radius-cams]key authentication expert
The 6 configuration switches with the billing server authentication password
[SwitchA-radius-cams]key accounting expert
7 server configuration is similar to Huawei, which is used in CAMS
[SwitchA-radius-cams]server-type Huawei
The message sent to the RADIUS 8 with no name
[SwitchA-radius-cams]user-name-format without-domain
9 create (into) a domain
[SwitchA]domain Huawei
10 in domain Huawei name for the "authentication scheme for cams"
[SwitchA-isp-huawei]radius-scheme cams
11 the Huawei field is set to the default domain
[SwitchA]domain default enable Huawei
5 TELNET Access control to the configuration 
The 1 is allowed only IP address switch ACL1
[SwitchA-ui-vty0-4]acl 1 inbound
2 set of rules only allow a network login
[SwitchA]acl number 1
[SwitchA-acl-basic-1]
[SwitchA-acl-basic-1]rule permit source 10.10.10.0 0.0.0.255
3 set rules prohibit a network login
[SwitchA]acl number 1
[SwitchA-acl-basic-1] BPA

[SwitchA-acl-basic-1]rule deny source 10.10.10.0 0.0.0.255

1 条评论: