No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Basic Configuration

S7700 and S9700 V200R010C00

This document describes methods to use command line interface and to log in to the device, file operations, and system startup configurations.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring the Device as the Telnet Client to Log In to Another Device

Example for Configuring the Device as the Telnet Client to Log In to Another Device

Networking Requirements

As shown in Figure 5-15, the PC and Client have reachable routes to each other, and Client and Server have reachable routes to each other. The user needs to manage and maintain Server remotely. However, the PC cannot directly log in to Server through Telnet because it has no reachable route to Server. The user can log in to Client through Telnet, and then log in to Server from Client. To prevent unauthorized devices from logging in to Server through Telnet, an ACL needs to be configured to allow only the Telnet connection from Client to Server.

Figure 5-15  Networking diagram of configuring the device as the Telnet client to log in to another device

The Telnet protocol poses security risks, and therefore the STelnet V2 protocol is recommended.

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the Telnet authentication mode on Server.
  2. Configure the login user information on Server.
  3. Configure the Server to allow Client access with ACL.
  4. Log in to Server from Client through Telnet.

Procedure

  1. Configure the Telnet authentication mode and password on Server.

    <HUAWEI> system-view
    [HUAWEI] sysname Server
    [Server] telnet server enable
    [Server] user-interface vty 0 4
    [Server-ui-vty0-4] user privilege level 15
    [Server-ui-vty0-4] protocol inbound telnet
    [Server-ui-vty0-4] authentication-mode aaa
    [Server-ui-vty0-4] quit

  2. Configure the login user information.

    [Server] aaa
    [Server-aaa] local-user admin1234 password irreversible-cipher Helloworld@6789
    [Server-aaa] local-user admin1234 service-type telnet
    [Server-aaa] local-user admin1234 privilege level 3
    [Server-aaa] quit

  3. Configure the Switch2 to allow Client access with ACL.

    [Server] acl 2000
    [Server-acl-basic-2000] rule permit source 10.1.1.1 0
    [Server-acl-basic-2000] quit
    [Server] user-interface vty 0 4
    [Server-ui-vty0-4] acl 2000 inbound
    [Server-ui-vty0-4] quit
    NOTE:

    It is optional to configure an ACL for Telnet services.

  4. Verify the configuration.

    # After the preceding configuration, you can log in to Server from Client through Telnet. You cannot log in to Server from other devices.

    <HUAWEI> system-view
    [HUAWEI] sysname Client
    [Client] quit
    <Client> telnet 10.2.1.1
    Trying 10.2.1.1 ...
    Press CTRL+K to abort
    Connected to 10.2.1.1 ...
    
    Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.
    
    Login authentication
    
    
    Username:admin1234
    Password:
    <Server>

Configuration Files

Server configuration file

#
sysname Server
#
telnet server enable
#
acl number 2000
 rule 5 permit source 10.1.1.1 0
#
aaa
 local-user admin1234 password irreversible-cipher $1a$gRNl~ukoL~0.WU)C2]~2a}Cz/Y0-u8M{j@Ql6/xHryO-Y7m{=A>kWc.-q}>*$
 local-user admin1234 privilege level 3
 local-user admin1234 service-type telnet
#
user-interface vty 0 4
 acl 2000 inbound
 authentication-mode aaa
 user privilege level 15
 protocol inbound telnet 
#
return
Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000141895

Views: 61944

Downloads: 219

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next