华为防火墙 telnet

[firewalld]int g0/0/0
[firewalld-GigabitEthernet0/0/0]ip address 192.168.1.10 255.255.255.0
[firewalld-GigabitEthernet0/0/0]undo shutdown
//打开接口的http和https管理
[firewalld-GigabitEthernet0/0/0]service-manage http permit
[firewalld-GigabitEthernet0/0/0]service-manage https permit
[firewalld-GigabitEthernet0/0/0]quit
接口加入trust区域
[firewalld]firewall zone trust
[firewalld-zone-trust]add interface GigabitEthernet 0/0/0
[firewalld-zone-trust]quit
配置安全策略
[firewalld]security-policy
[firewalld-policy-security]rule name allow_web
[firewalld-policy-security-rule-allow_web]source-zone trust //指定条件
[firewalld-policy-security-rule-allow_web]destination-zone local //指定条件
[firewalld-policy-security-rule-allow_web]action permit //指定动作
[firewalld-policy-security-rule-allow_web]quit
[firewalld-policy-security]quit
//开启https功能
[firewalld]web-manager security enable
//配置aaa以及本地用户
[firewalld]aaa
[firewalld-aaa]manager-user demo
//以man-machine模式配置密码在屏幕上不会显示任何密码，更加安全

[firewalld-aaa-manager-user-demo]password

Enter Password:

Confirm Password:
[firewalld-aaa-manager-user-demo]service-type web //指定用户类型
[firewalld-aaa-manager-user-demo]level 3 //指定权限级别
[firewalld-aaa-manager-user-demo]quit
[firewalld-aaa]quit

转载于:https://blog.51cto.com/13468179/2324778