版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/weixin_39531549/article/details/82763350
一、查看配置信息
//一个tab是视图 二个tab是接口或者aaa、vty
视图 : display current-configuration//查看所有配置信息
display this//当前视图下的配置信息
接口 :ip address 1.1.1.1 24//配置路由器IP地址
接口 :display ip interface brief//查看接口与IP相关信息
视图 :display ip routing-table //查看路由表
==================================================================================================================
二、telnet和ftp
Telnet://配置Telnet密码验证:
视图:user-interface vty 0 4
authentication-mode password
display user //查看已登录用户信息
user-interface vty 0 4
authentication-mode aaa
user privilege level 0-15
aaa
local-user admin password cipher huawei
local-user admin privilege level 3
local-user admin service-type telnet
远程登录认证方式改成 aaa 在aaa中新建用户(权限,协议ssh),最后将用户在ssh新建认证方式password ,启动服务
STelnet:server//服务器
rsa local-key-pair create//生成本地rsa主机密钥对
display rsa local-key-pair public //查看本地密钥中公钥信息
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
aaa
local-user huawei password cipher huawei//添加本地用户和用户口令
local-user huawei service-type ssh
ssh user huawei authentication-type password//新建ssh用户 认证方式password
stelnet server enable//服务开启
display ssh user-information huawei//查看ssh用户配置信息
client://客服端
ssh client first-time enable
==================================================================================================================
FTP:
aaa
local-user ftp password cipher huawei
local-user ftp ftp-directory flash:
local-user ftp service-type ftp
local-user ftp privilege level 0-15
==================================================================================================================
SFtp:
rsa local-key-pair create//生成本地rsa主机密钥对
display rsa local-key-pair public //查看本地密钥中公钥信息
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
aaa
local-user huawei password cipher huawei
local-user huawei service-type ssh ftp
local-user huawei privilege level 0-15
local-user huawei ftp-directory flash://设置ftp用户可以访问的目录 不配置,ftpp用户不可以登录
ssh user huawei authentication-type password
sftp server enable
==================================================================================================================三、交换机配置——VLAN
交换机:
interface g0/0/0
undo negotiation auto//关掉自动协商
duplex full//全双工模式
speed 10//设置接口速率
==================================================================================================================
ARP:
display arp all//查看arp表
arp static ip mac//添加静态arp
interface g0/0/0
arp-proxy enable//开启代理arp功能
==================================================================================================================
VLAN:
vlan 10 // vlan batch 10 20 //创建vlan
description HR//vlan描述信息
Access:
interface g0/0/0
port link-type access
port default vlan 10
Trunk:
display vlan summary//产看所配置vlan简要信息
display portvlan //查看vlan和接口配置信息
interface g0/0/0
port link-type trunk
port trunk allow-pass vlan all
Hybrid:
//允许接口通过的vlan 接受到该vlan去掉标签
//转发时 允许通过的vlan 打上标签
interface e0/0/0
undo port default vlan//回复默认vlan
port link-type hybrid
port hybrid untagged vlan 20//配置交换机该接口转发vlan20帧时剥掉相应的标签
port hybrid pvid vlan 20//设置接口默认vlan id 接受到未带标签的帧 就加上vlan20标签 并转发到vlan20
undo port trunk allow-pass vlan 2 to 4094//undo trunk链路设置 然后设置允许通过的vlan10 20
port hybrid tagged vlan 10 20