選択した言語が見つかりません。

このサイトはCookieを使用しています。 サイトを閲覧し続けることで、Cookieの使用に同意したものとみなされます。プライバシーポリシーを読む>

CLI-based Configuration Guide - Basic Configuration

AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R007

This document describes methods to use command line interface and to log in to the device, file operations, and system startup configurations.
Rate and give feedback :
この文書の日本語を含む他言語への翻訳は、元の文書の内容の理解を支援する目的で提供されています。翻訳には機械翻訳が利用され、人間による簡単な校正のみが行われています。 注: 最先端の機械翻訳を利用した場合でも、翻訳の品質はプロの翻訳者による翻訳ほど十分ではありません。ファーウェイは、翻訳の正確性についていかなる責任も負わないものとします。リンクを使用して、英語版の元の文書も同時に参照することを推奨します。
About This Document

About This Document

Intended Audience

This document provides the basic concepts, configuration procedures, and configuration examples in different application scenarios of the Basic configuration supported by the device.

This document is intended for:

  • Data configuration engineers
  • Commissioning engineers
  • Network monitoring engineers
  • System maintenance engineers

Symbol Conventions

The symbols that may be found in this document are defined as follows.

Symbol

Description

Indicates an imminently hazardous situation which, if not avoided, will result in death or serious injury.

Indicates a potentially hazardous situation which, if not avoided, could result in death or serious injury.

Indicates a potentially hazardous situation which, if not avoided, may result in minor or moderate injury.

Indicates a potentially hazardous situation which, if not avoided, could result in equipment damage, data loss, performance deterioration, or unanticipated results.

NOTICE is used to address practices not related to personal injury.

Calls attention to important information, best practices and tips.

NOTE is used to address information not related to personal injury, equipment damage, and environment deterioration.

Command Conventions

The command conventions that may be found in this document are defined as follows.

Convention

Description

Boldface

The keywords of a command line are in boldface.

Italic

Command arguments are in italics.

[ ]

Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... }

Optional items are grouped in braces and separated by vertical bars. One item is selected.

[ x | y | ... ]

Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected.

{ x | y | ... }*

Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected.

[ x | y | ... ]*

Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected.

&<1-n>

The parameter before the & sign can be repeated 1 to n times.

#

A line starting with the # sign is comments.

Interface Numbering Conventions

Interface numbers used in this manual are examples. In device configuration, use the existing interface numbers on devices.

Security Conventions

  • Password setting
    • When configuring a password, the cipher text is recommended. To ensure device security, change the password periodically.
    • When you configure a password in plain text that starts and ends with %@%@, @%@%, %#%#, or %^%# (the password can be decrypted by the device), the password is displayed in the same manner as the configured one in the configuration file. Do not use this setting.
    • When you configure a password in cipher text, different features cannot use the same cipher-text password. For example, the cipher-text password set for the AAA feature cannot be used for other features.
  • Encryption algorithm

    Currently, the device uses the following encryption algorithms: DES, 3DES, AES, DSA, RSA, DH, ECDH, HMAC, SHA1, SHA2, PBKDF2, scrypt, and MD5. The encryption algorithm depends on the applicable scenario. Use the recommended encryption algorithm; otherwise, security defense requirements may be not met.

    • For the symmetrical encryption algorithm, use AES with the key of 256 bits or more.
    • When you need to use an asymmetric cryptography, RSA (2048-bit or longer key) is recommended. In addition, use different key pairs for encryption and signature.
    • For the digital signature, RSA (2048-bit or longer key) or DSA (2048-bit or longer key) is recommended.
    • For key negotiation, DH (2048-bit or longer key) or ECDH (256-bit or longer key) is recommended.
    • For the hash algorithm, use SHA with the key of 256 bits or more.
    • For the HMAC algorithm, use HMAC-SHA2.
    • DES, 3DES, RSA and AES are reversible encryption algorithm. If protocols are used for interconnection, the locally stored password must be reversible.
    • SHA1, SHA2, and MD5 are irreversible encryption algorithm. When configuring a password for local administrator, it is recommended that you use the SHA2 irreversible encryption algorithm.
    • To prevent brute force cracking of the user password, the iteration algorithm is added to the password on the basis of salts. The iteration algorithm uses PBKDF2 or scrypt key export algorithm.
    • The ECB mode has a poor capability of defending against plaintext playback attacks, so ECB is not recommended for password encryption.
    • In SSH2.0, the symmetric cryptography using the CBC mode may undergo the plaintext-recovery attack to cause a data leak. Therefore, the CBC mode is not recommended for SSH2.0.
  • Personal data

    Some personal data may be obtained or used during operation or fault location of your purchased products, services, features, so you have an obligation to make privacy policies and take measures according to the applicable law of the country to protect personal data.

  • The terms mirrored port, port mirroring, traffic mirroring, and mirroring in this manual are mentioned only to describe the product's function of communication error or failure detection, and do not involve collection or processing of any personal information or communication data of users.

Mappings Between Product Software Versions and NMS Versions

The mappings between product software versions and NMS versions are as follows.

AR120&AR150&AR160&AR200&AR1200&AR2200&AR3200&AR3600 Product Software Version

eSight

iManager U2000

V200R007C00&V200R007C01&V200R007C02

V300R005C00

V200R015C60

Change History

Changes between document issues are cumulative. Therefore, the latest document version contains all updates made to previous versions.

Changes in Issue 09 (2017-12-29)

This version has the following updates:

Changes in Issue 08 (2017-04-06)

This version has the following updates:

Changes in Issue 07 (2016-11-03)

This version has the following updates:

The following information is modified:

Changes in Issue 06 (2016-09-15)

This version has the following updates:

The following information is modified:

Changes in Issue 05 (2016-06-15)

This version has the following updates:

Changes in Issue 04 (2016-04-25)

This version has the following updates:

Changes in Issue 03 (2016-02-05)

This version has the following updates:

Changes in Issue 02 (2015-11-13)

This version has the following updates:

Changes in Issue 01 (2015-08-30)

Initial commercial release.

ダウンロード
Updated: 2018-09-20

ドキュメント番号: EDOC1000097177

閲覧数:12190

ダウンロード: 952

Average rating:
This Document Applies to these Products
関連ドキュメント
Share
戻る 次へ