登录设备
通过CLI登录设备
通过console口登录
缺省情况下,用户可以直接通过Console口本地登录设备,登录时认证方式为None(不需要用户名和密码),登录用户级别为3
user-interface console first-number [ last-number ]
authentication-mode none
配置通过Console口登录设备时采用密码认证(Password)
user-interface console/aux first-number [ last-number ]
authentication-mode password
set authentication password { cipher | simple } password
配置通过Console口登录设备时采用AAA认证(Scheme)
user-interface console/aux first-number [ last-number ]
authentication-mode scheme
local-user user-name
password { cipher | simple } password
authorization-attribute level level
service-type terminal
通过Telnet登录
配置通过Telnet Client登录设备时无需认证(None)
telnet server enable
user-interface vty first-number [ last-number ]
authentication-mode none
user privilege level level
配置通过Telnet Client登录设备时采用密码认证(Password)
telnet server enable
user-interface vty first-number [ last-number ]
authentication-mode password
set authentication password { cipher | simple } password
user privilege level level
配置通过Telnet Client登录设备时采用AAA认证(Scheme)
telnet server enable
user-interface vty first-number [ last-number ]
authentication-mode scheme
quit
local-user user-name
password { cipher | simple } password
authorization-attribute level level
service-type telnet
配置对Telnet用户的控制
system-view
acl number acl-number [ name name ] [ match-order { config | auto } ]
quit
user-interface [ type ] first-number [ last-number ]
acl [ ipv6 ] acl-number { inbound | outbound }
通过Web网管登录设备
system-view
ip http enable
ip http port port-number
ip http acl acl-number
local-user user-name
password { cipher | simple } password
authorization-attribute level level
service-type web
quit
interface interface-type { interface-number | interface-number.subnumber }
ip address ip-address { mask | mask-length }
端口组
port-group manual 1
group member e0/0/1 to e0/0/5
port access vlan X
vlan配置
配置基于Access端口的VLAN
system-view
vlan vlan-id
port interface-list
system-view
interface interface-type interface-number
port-group manual port-group-name
interface bridge-aggregation interface-number
port link-type access
port access vlan vlan-id
配置基于Trunk端口的VLAN
system-view
interface interface-type interface-number
port-group manual port-group-name
interface bridge-aggregation interface-number
port link-type trunk
port trunk permit vlan { vlan-id-list | all }
port trunk pvid vlan vlan-id
配置基于Hybrid端口的VLAN
system-view
interface interface-type interface-number
port-group manual port-group-name
interface bridge-aggregation interface-number
port link-type hybrid
port hybrid vlan vlan-id-list { tagged | untagged }
port hybrid pvid vlan vlan-id
IP配置
system-view
interface interface-type interface-number
ip address ip-address { mask-length | mask } [ sub ]
路由配置
静态路由配置
system-view
ip route-static dest-address { mask | mask-length } { next-hop-address [ track track-entry-number ] | interface-type interface-number [ next-hop-address ] | -instance d--instance-name next-hop-address [ track track-entry-number ] } [ preference preference-value ] [ tag tag-value ] [ description description-text ]
ip route-static -instance s--instance-name&<1-6> dest-address { mask | mask-length } { next-hop-address [ public ] [ track track-entry-number ] | interface-type interface-number [ next-hop-address ] | -instance d--instance-name next-hop-address [ track track-entry-number ] } [ preference preference-value ] [ tag tag-value ] [ description description-text ]
ip route-static default-preference default-preference-value
ospf配置
system-view
router id router-id
ospf [ process-id | router-id router-id | -instance -instance-name ] *
description description
area area-id
description description
network ip-address wildcard-mask
NAT配置
system-view
nat address-group group-number
address start-address end-address
interface interface-type interface-number
nat outbound [ acl-number ] [ address-group group-number ] [ -instance -instance-name ] [ port-preserved ]
nat mapping-behavior endpoint-independent [ acl acl-number ]
查看console口参数
dis user-interface aux 0
查看在线用户
dis users
