No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 Series Agile Switches Typical Configuration Examples

This document provides examples for configuring features in typical usage scenarios.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Switch Login Through a Console Port

Example for Configuring Switch Login Through a Console Port

Overview

After a PC is connected to a switch through a dedicated console cable, you can perform login configurations and use the PC to manage the switch.

Logging in through a console port is a basic login mode and forms the basis of other login modes such as Telnet and STelnet. When you log in to a switch for the first time or if you cannot remotely log in to a switch, you can log in to the switch through a console port.

Configuration Notes

  • Prepare a console cable. If you use a laptop or a PC without a serial port, prepare a USB to serial cable and install the driver stored on the CD-ROM (delivered with the cable) according to instructions.
  • Install the terminal emulation software on the PC. You can use the built-in HyperTerminal of Windows 2000 on the PC. If no built-in terminal emulation software is available, prepare the terminal emulation software. For details on how to use terminal emulation software, see the related usage guide or online help. The third-party software SecureCRT is used as an example here.
  • This example applies to all versions of the S12700.

Networking Requirements

The IT maintenance department of a company purchases S series switches, which are configured by network administrators. A network administrator usually logs in to a new switch through a console port and then performs initial configurations.

As shown in Figure 4-1, the serial port of a PC is connected to the console port of the Switch through a console cable. The user wants to log in to the Switch through the console port and requires local authentication upon the next login. To facilitate remote maintenance on the Switch, the user wants to configure the Telnet function.

Figure 4-1  Networking diagram for configuring switch login through a console port

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure terminal emulation software, set the connected port and communication parameters, and log in to the Switch.

  2. Configure basic information for the Switch, including the date, time, time zone, and name, to facilitate management.

  3. Configure an authentication mode for the console user interface so that the user is authenticated upon the next login through the console port.
  4. Configure the management IP address and Telnet to facilitate remote maintenance on the Switch.

Procedure

  1. Connect the DB9 female connector of the console cable to the serial port (COM) on the PC, and connect the RJ45 connector to the console port on the switch, as shown in Figure 4-2.

    Figure 4-2  Connecting to the switch through the console port

    NOTE:
    • If you use a laptop or a PC without a serial port, prepare a USB to serial cable. Install the driver stored on the CD-ROM (delivered with the cable) according to instructions, connect the USB-DB9 female connector of the cable to the USB port on the PC, and connect the RJ-45 connector to the console port on the switch.
    • If the switch has two MPUs, you can log in to the switch through the console port on either of the two MPUs.

  2. Configure terminal emulation software and log in to the Switch.

    Start terminal emulation software (SecureCRT is used as an example) on the PC. Establish a connection, and set the connected port and communication parameters. Table 4-1 lists the default attribute settings of a console port.

    Table 4-1  Default attribute settings of a console port
    Parameter Default Setting
    Baud rate 9600 bit/s
    Flow Control None
    Parity

    In V200R009 and earlier versions, authentication is not performed by default. In V200R010 and later versions, AAA authentication is used by default, the default user name is admin, and the default password is admin@huawei.com.

    Stop bits 1
    Data bits 8

    1. Click to establish a connection, as shown in Figure 4-3.

      Figure 4-3  Establishing a connection

    2. Set the connected port and communication parameters, as shown in Figure 4-4.

      Select the connected port based on actual situations. For example, you can view port information in Device Manager in the Windows operating system, and select the connected port.

      Communication parameters of terminal emulation software must be consistent with the default attribute settings of the console port on the Switch, which are 9600 bit/s transmission rate, 8 data bits, 1 stop bit, no parity check, and no flow control.

      NOTE:

      By default, no flow control mode is configured on the switch. Because RTS/CTS is selected in the software by default, you need to deselect RTS/CTS; otherwise, you cannot enter commands.

      Figure 4-4  Setting the connected port and communication parameters

    3. Click Connect. In V200R009 and earlier versions, the following information will be displayed, prompting you to configure a login password. There is no default password for first login. You need to configure a login password. (The following output is only for reference.)

      An initial password is required for the first login via the console.
      Continue to set it? [Y/N]: y   //Configure the login password.
      Set a password and keep it safe. Otherwise you will not be able to login via the console.
      
      Please configure the login password (8-16)                                      
      Enter Password:             
      Confirm Password:                                         
      <HUAWEI>       

      In V200R010 and later versions, the system prompts you to enter the user name and password. The default user name for first login is admin and password is admin@huawei.com. You must reconfigure the password during first login. If you have already configured a password, use it for subsequent logins. (The following output is only for reference.)

      Login authentication 
      
      
      Username:admin
      Password:      //Enter the default password admin@huawei.com.
      Warning: The default password poses security risks.
      The password needs to be changed. Change now? [Y/N]: y   //Change the login password.
      Please enter old password:    //Enter the default password admin@huawei.com.
      Please enter new password:    //Enter the new password.
      Please confirm new password:    //Enter the new password again.
      The password has been changed successfully
      <HUAWEI>
      • The value is a string of 8 to 16 case-sensitive characters without spaces. The password must contain at least two types of the following: upper-case and lower-case letters, digits, and special characters except the question mark (?).
      • The password entered in interactive mode is not displayed on the screen.
      • When you log in to the switch again in password authentication mode, enter the password set during the initial login if you have not modified the authentication mode and password.

      You can run commands to configure the Switch. Enter a question mark (?) whenever you need help.

  3. Configure basic information for the Switch.

    # Set the date, time, time zone, and name.

    NOTE:

    The time zone varies depending on the location of a switch. Set the time zone based on the site requirements. The following information is only for reference.

    <HUAWEI> clock timezone BJ add 08:00:00    //BJ is the name of the time zone, and 08:00:00 indicates that the local time is 8 plus the system default UTC time zone.
    <HUAWEI> clock datetime 10:10:00 2014-07-26    //Set the current date and time. Before setting the current time, check the time zone and set a correct time zone offset to ensure the correct local time.
    <HUAWEI> system-view
    [HUAWEI] sysname Switch    //Set the switch name to Switch.
    

  4. Configure an authentication mode for the console user interface. (In V200R010 and later versions, the default authentication mode for the console user interface is AAA authentication. The method of changing the authentication mode is similar and is not provided here.)

    # Set the authentication mode of the console interface to AAA, and create a local user.

    [Switch] user-interface console 0
    [Switch-ui-console0] authentication-mode aaa    //Set the authentication mode of the user to AAA.
    [Switch-ui-console0] quit
    [Switch] aaa
    [Switch-aaa] local-user admin1234 password irreversible-cipher Helloworld@6789    //Create a local user named admin1234 and set its password to Helloworld@6789.
    [Switch-aaa] local-user admin1234 privilege level 15    //Set the user level to 15.
    [Switch-aaa] local-user admin1234 service-type terminal    //Set the access type to terminal, that is, console user.
    [Switch-aaa] quit

  5. Configure the management IP address and Telnet.

    # Configure the management IP address.

    [Switch] vlan 10
    [Switch-vlan10]  interface vlanif 10    //Configure VLANIF 10 as the management interface.
    [Switch-Vlanif10] ip address 10.1.1.1 24
    [Switch-Vlanif10] quit
    [Switch] interface gigabitethernet 0/0/10    //GE0/0/10 is the physical interface used for logging in to the switch through the web system on a PC. Select an interface based on actual networking requirements.
    [Switch-GigabitEthernet0/0/10] port link-type access    //Set the interface type to access.
    [Switch-GigabitEthernet0/0/10] port default vlan 10    //Add GE0/0/10 to VLAN 10.
    [Switch-GigabitEthernet0/0/10] quit

    # Configure the Telnet function.

    [Switch] telnet server enable    //Enable Telnet.
    [Switch] user-interface vty 0 4    //Enter the user interface views of VTY 0 to VTY 4.
    [Switch-ui-vty0-4] user privilege level 15    //Set the level of users in VTY 0 to VTY 4 to 15.
    [Switch-ui-vty0-4] authentication-mode aaa    //Set the authentication mode of users in VTY 0 to VTY 4 to AAA.
    [Switch-ui-vty0-4] quit
    [Switch] aaa
    [Switch-aaa] local-user admin123 password irreversible-cipher Huawei@6789    //Create a local user named admin1234 and set its password to Huawei@6789.
    [Switch-aaa] local-user admin123 privilege level 15    //Set the user level to 15.
    [Switch-aaa] local-user admin123 service-type telnet    //Set the access type to telnet, that is, Telnet user.
    [Switch-aaa] quit
    

  6. Verify the configuration.

    When logging in to the switch again through the console port after completing the configuration, you need to enter the user name and authentication password configured in the preceding steps to pass identity authentication and log in to the switch successfully. You can also log in to the switch using Telnet.

Configuration Files

Switch configuration file

#
sysname Switch
#
vlan batch 10
#
telnet server enable
#
clock timezone BJ add 08:00:00
#
aaa
 local-user admin123 password irreversible-cipher %^%#}+ysUO*B&+p'NRQR0{ZW7[GA*Z*!X@o:Va15dxQAj+,$>NP>63de|G~ws,9G%^%#
 local-user admin123 privilege level 15
 local-user admin123 service-type telnet
 local-user admin1234 password irreversible-cipher %^%#}+ysUO*B&+p'NRQR0{ZW7[GA*Z*!X@o:Va15dxQAj+,$>NP>63de|G~ws,9G%^%#
 local-user admin1234 privilege level 15
 local-user admin1234 service-type terminal
#
interface Vlanif10
 ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 10
#
user-interface con 0
 authentication-mode aaa
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 15 
#
return
Download
Updated: 2019-05-16

Document ID: EDOC1000069466

Views: 186803

Downloads: 1845

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next