VRP基础(7/14,49min)
?
?现在的设备多为VRP5与VRP8,如:
[Quidway]dis version
--------
Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.170 (S5720 V200R010C00SPC600)
Copyright (C) 2000-2016 HUAWEI TECH CO., LTD
HUAWEI S5720-28P-PWR-LI-AC Routing Switch uptime is 0 week, 0 day, 0 hour, 3 minutes
--------设备管理方式:
CLI:Console口、MiniUSB、Telnet、SSH
Web:HTTP(登录使用HTTPS,传输使用HTTP)、HTTPS(登录与传输和都使用HTTPS)
VRP命令基础(7/14,70min)
敲命令/配置的四个阶段:敲全、补全、缩写、白板
Ctrl+]退回至登录界面(类似于锁屏)
Ctral+A光标移至当前行最前
查看历史命令(默认记录10条,错误、无效命令也显示):
[Quidway]dis history-command配置系统时钟
<Quidway>clock timezone Beijing add 08:00:00
<Quidway>clock datetime 14:20:00 2022-07-14
<Quidway>display clock
2022-07-14 14:20:09+08:00
Thursday
Time Zone(Beijing) : UTC+08:00配置标题消息
[Quidway]header login information "Routing And Switching"用户界面命令
查看当前登录用户
[Quidway]display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 0 CON 0 00:00:00 设置VTY用户权限(默认5个用户)(VTY与Console用户可分开配置)
[Quidway]user-interface vty 0 4
[Quidway-ui-vty0-4]
//设置五个用户,0为第一个,4为第五个
//若为user-interface vty 1 2,则只对第二、三个用户进行配置设置超时时间(默认10min)
[Quidway-ui-vty0-4]idle-timeout 10 0
//设置超时时间为10分0秒
//若设置为0 0,则代表永不超时,等同于undo idle-timeout设置指定终端屏幕的临时显示行数(默认24行)
[Quidway-ui-vty0-4]screen-length 24设置历史命令缓冲区的大小(默认记录10条)
[Quidway-ui-vty0-4]history-command max-size 10命令等级
状态信息查询
[Quidway]display diagnostic-information
//该命令会回显大量内容,谨慎 [Quidway]display diagnostic-information xxxx.txt
把回显内容存放至某文件中远程管理(7/15,46min)
提到VPN、NAT端口映射、动态域名绑定
如上,类似于思科设备VTY 0 4后选择login(VTY密码+Enable密码)或者login local(用户名+用户名密码)
?使用AAA,不同工程师使用不同账号,且可以设置不同的权限
开启Telnet服务
[Quidway]telnet server enable
Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.
[Quidway]display telnet server status //查看Telnet服务状态
TELNET IPv4 server :Enable
TELNET IPv6 server :Disable
TELNET server port :23
TELNET server source address :0.0.0.0
ACL4 number :0
ACL6 number :0
[Quidway]配置password认证
[Quidway]user-interface vty 0 4
[Quidway-ui-vty0-4]protocol inbound all
//该命令用来指定VTY用户界面所支持的协议,all为同时支持SSH与Telnet
[Quidway-ui-vty0-4]authentication-mode password //选择认证方式为Password,Password与AAA只能选择一种
Warning: The "password" authentication mode is not secure, and it is strongly recommended to use "aaa" authentication mode.
[Quidway-ui-vty0-4]set authentication password cipher ayanami2022
[Quidway-ui-vty0-4]user privilege level 15 //默认级别为0?验证:
<Quidway>telnet 127.1.1.1
Trying 127.1.1.1 ...
Press CTRL+K to abort
Connected to 127.1.1.1 ...
Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.
Routing And Switching
Login authentication
Password:(ayanami2022)如上,可以使用密码进行Telnet,不涉及到用户名
切换至AAA认证模式
[Quidway]user-interface vty 0 4
[Quidway-ui-vty0-4]authentication-mode aaa //将认证模式改为aaa
Info: The password of VTY0 will be changed. Please verify the old password.
Please enter old password: (ayanami2022)
Warning: The level of the user-interface(s) will be the default level of AAA users, please check whether it is correct.
Info: The password was cleared.
Info: Succeeded in changing the authentication mode.
[Quidway-ui-vty0-4]quit
[Quidway]aaa
[Quidway-aaa]local-user ayanami password cipher ayanami2022
Info: Add a new user.
[Quidway-aaa]local-user ayanami privilege level 15
Info: After changing the rights (including the password, access type, FTP directory, HTTP directory, and level) of a local user, the rights of users already online do not change. The change takes effect to users who go online after the change.
//创建一个用户ayanami,设置该用户权限为最高
[Quidway-aaa]local-user ayanami service-type telnet
//允许该用户Telnet?验证:
<Quidway>telnet 127.3.3.3
Trying 127.3.3.3 ...
Press CTRL+K to abort
Connected to 127.3.3.3 ...
Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.
Routing And Switching
Login authentication
Username:ayanami
Password:
Warning: The initial password poses security risks.
The password needs to be changed. Change now? [Y/N]: n关于使用eNSP完成实验
使用eNSP的Cloud桥接用户主机与路由器
Window添加会换网卡
设备管理器——操作——添加过时硬件——安装我手动从列表选择的硬件(高级)——网络适配器——Microsoft(厂商)——Microsoft KM-TSET环回适配器
在eNSP中路由器桥接Cloud,且为主机设置与路由器接口同网段地址