No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuration Examples

Configuration Examples

Example for Configuring the Console User Interface

Networking Requirements

Before logging in to the device using the console user interface to maintain the device locally, a user can configure the attributes of the console user interface to ensure device security.

In this example, the level of console users is 15. The password authentication mode and authentication password Helloworld@6789 are configured for console users to log in to the device.

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the user level on the console user interface.

  2. Configure the authentication mode and password on the console user interface.

Procedure

  1. Configure the user level on the console user interface.

    <Huawei> system-view
    [Huawei] user-interface console 0
    [Huawei-ui-console0] user privilege level 15

  2. Configure the authentication mode and password on the console user interface.

    [Huawei-ui-console0] authentication-mode password
    [Huawei-ui-console0] set authentication password cipher
    Info: A plain text password is a string of 8 to 128 case-sensitive characters and must be a combination of at least two of the follow
    ing: uppercase letters A to Z, lowercase letters a to z, digits, and special characters (including spaces and the following :`~!@#$%
    ^&*()-_=+|[{}];:'",<.>/?). A cipher text password contains 56 or 68 characters.
    Current Password: 
    New Password:
    Confirm New Password:
    [Huawei-ui-console0] quit

    After the console user interface is configured, users can use the console interface to log in to the device in the password authentication mode to maintain the device locally. For details on how to log in to the device see Logging In to the Device Through a Console Port.

  3. Verify the configuration.

    # Run the quit command to disconnect the terminal from the device, connect the terminal to the device using a console cable, and verify that the new password is valid.

    # Run the user-interface console 0 command to enter the console interface view, and run the display this command to check the configurations on the console interface.

    [Huawei] user-interface console 0
    [Huawei-ui-console0] display this
    #
    user-interface con 0
     authentication-mode password
     set authentication password cipher %^%#f6441rvzHS/8;5-QxO))c9JWSLakF@>eYf:[Ng6Y%^%#
    #
    return

Configuration Files
#
user-interface con 0
 authentication-mode password
 set authentication password cipher %^%#f6441rvzHS/8;5-QxO))c9JWSLakF@>eYf:[Ng6Y%^%#
return

Example for Configuring a VTY User Interface

Networking Requirements

A user can use the VTY interface to log in to a remote device using Telnet. The device administrator can configure the attributes of the VTY user interface to ensure device security.

In this example, the level of VTY users is 2. The password authentication mode and authentication password Helloworld@6789 are configured for VTY users to log in to the device. Only the user whose IP address is 10.1.1.1 can log in to the device.

If a user logs in to the device and does not perform an operation within 30 minutes, the user's terminal disconnects from the device.

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the maximum number of concurrent VTY user interfaces to 8.

  2. Configure restrictions on call-in and call-out permissions on the VTY user interface to allow users at a specified address or address segment to log in to the device.

  3. Configure terminal attributes on the VTY user interface.

  4. Configure the user level on the VTY user interface.

  5. Configure the authentication mode and password of the VTY user interface.

Procedure

  1. Configure the maximum number of concurrent VTY user interfaces.

    <Huawei> system-view
    [Huawei] user-interface maximum-vty 8

  2. Configure restrictions on call-in and call-out permissions on the VTY user interface.

    [Huawei] acl 2000
    [Huawei-acl-basic-2000] rule deny source 10.1.1.1 0
    [Huawei-acl-basic-2000] rule permit source any
    [Huawei-acl-basic-2000] quit
    [Huawei] user-interface vty 0 7
    [Huawei-ui-vty0-7] acl 2000 inbound

  3. Configure terminal attributes on the VTY user interface.

    [Huawei] user-interface vty 0 7
    [Huawei-ui-vty0-7] shell
    [Huawei-ui-vty0-7] idle-timeout 30
    [Huawei-ui-vty0-7] screen-length 30
    [Huawei-ui-vty0-7] history-command max-size 20

  4. Configure the user level on the VTY user interface.

    [Huawei-ui-vty0-7] user privilege level 2

  5. Configure the authentication mode and password of the VTY user interface.

    [Huawei-ui-vty0-7] authentication-mode password
    [Huawei-ui-vty0-7] set authentication password cipher
    Info: A plain text password is a string of 8 to 128 case-sensitive characters and must be a combination of at least two of the follow
    ing: uppercase letters A to Z, lowercase letters a to z, digits, and special characters (including spaces and the following :`~!@#$%
    ^&*()-_=+|[{}];:'",<.>/?). A cipher text password contains 56 or 68 characters.
    Current Password: 
    New Password:
    Confirm New Password:
    [Huawei-ui-vty0-7] quit

    After the VTY user interface is configured, users can log in to the device in the password authentication mode using Telnet to maintain the device locally or remotely. For details on how to log in to the device see Logging In to the Device Through Telnet.

  6. Verify the configuration.

    # Connect the terminal to the device using Telnet, and verify that the new password is valid.

    # Use 10.1.1.1 to log in to the device using Telnet. The login fails.

    # Run the user-interface vty 0 7 command to enter the VTY interface view, and run the display this command to check the configurations on the VTY interface.

    [Huawei] user-interface vty 0 7
    [Huawei-ui-vty0-7] display this
    #
    user-interface maximum-vty 8 
    user-interface vty 0 7
     acl 2000 inbound
     authentication-mode password
     user privilege level 2
     set authentication password cipher %^%#l^\e>'=8Z-0'Lj9+Ey,(FQ$=>ks/bOcBHC2uZ2n=zO)p0r[*"+=4QW6J7ZLL%^%#
     history-command max-size 20
     idle-timeout 30 0
     screen-length 30 
    #
    return

Configuration Files
#
acl number 2000
 rule 5 deny source 10.1.1.1 0
 rule 10 permit
#
user-interface maximum-vty 8
user-interface vty 0 7
 acl 2000 inbound
 authentication-mode password
 user privilege level 2
 set authentication password cipher %%$%$RdF~Z+6N|0d^a3%v5`W~3.%ymjpAD#$u[T'e#e32hd8G~4+&%$%$
 history-command max-size 20
 idle-timeout 30 0
 screen-length 30
#
return
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 130641

Downloads: 312

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next