No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Commissioning Guide

This is NE40E V800R010C10SPC500 Commissioning Guide
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Logging In to the NE40E by Using Telnet

Logging In to the NE40E by Using Telnet

This section describes how to log in to the NE40E by using Telnet. A Telnet operation allows you to log in to a remote device for device management.

Prerequisites

Figure 3-5 Networking diagram of logging in to the NE40E by using Telnet

Before logging in to the NE40E by using Telnet, complete the following tasks:

  • Ensure that the NE40E is working properly.
  • Log in to the NE40E by using the console interface and configure an IP address for each interface on the NE40E.
  • Ensure that there is a direct or reachable route between the Telnet client and the NE40E.
NOTE:

Perform the following configurations on the NE40E that serves as the Telnet server:

Procedure

  1. Set the maximum number of users that are allowed to log in to the NE40E at the same time.
    1. Run the system-view command to enter the system view.
    2. Run the user-interface maximum-vty number command to set the maximum number of login users that can use VTY user interfaces on the router.
    3. Run the commit command to commit the configuration.
  2. Configure a user authentication mode.

    Two authentication modes are available: password authentication and AAA authentication. One of them can be selected as needed.

    NOTE:
    • If users with passwords need to be created and managed on the router, AAA authentication is recommended.

    • Using STelnet is recommended for a network that has high security requirements.

    • Configure password authentication.

    1. Run the system-view command to enter the system view.
    2. Run the user-interface { ui-type ui-number1 | ui-number } command to enter the user interface view.
    3. Run the set authentication password cipher password command to set the password used in authentication.
    4. Run the commit command to commit the configuration.

    • Configure AAA authentication.

    1. Run the system-view command to enter the system view.
    2. Run the user-interface { ui-type ui-number1 | ui-number } command to enter the user interface view.
    3. Run the authentication-mode aaa command to configure AAA authentication.
    4. Run the aaa command to enter the AAA view.
    5. Run the local-user user-name password cipher password command to configure the local user name and password.
    6. Run the local-user user-name service-type telnet command to set the access type of the local user to Telnet.
    7. Run the quit command to exit from the AAA view.
  3. Run the user privilege level level command in the user interface view to control the user rights.
  4. Run the commit command to commit the configuration.

Commissioning Results

After the preceding configurations are complete, perform the following operations to check whether the configurations are correct.

  1. Run the Telnet client program on the PC, and enter the IP address of the interface to which you want to connect to.
  2. Enter the user name and password in the login window. If the user is authenticated, a command line prompt such as <HUAWEI> is displayed. It indicates that you have entered the user view.

Troubleshooting

If the Telnet login fails, perform the following operations:
  1. Check whether the Telnet client can ping to the server.

    Run the ping command to check the network connectivity. If the ping fails, the Telnet connection cannot be established between the user and server.

    If the ping fails, see The Ping Operation Fails to locate the problem so that the Telnet client can ping through the server.

  2. Check whether the number of users logging in to the server reaches the upper threshold.

    Log in to the server through a console interface and then run the display users command to check whether all the current VTY channels are used. By default, maximum of 5 users can log in to the server through VTY channels.

    <HUAWEI> display user-interface maximum-vty
     Maximum of VTY user:5
    <HUAWEI> display users
      User-Intf    Delay    Type   Network Address     AuthenStatus    AuthorcmdFlag
    + 0   CON 0   00:00:01                                                          
    Username : Unspecified
      34  VTY 0   02:11:28  TEL    10.138.81.61        pass            yes          
    Username : huawei

    If the number of users logging in to the server reaches the upper threshold, you can run the user-interface maximum-vty vty-number command to increase the maximum number of users allowed to log in to the server through VTY channels.

    <HUAWEI> system-view
    [~HUAWEI] user-interface maximum-vty 21
    [~HUAWEI] user-interface vty 5 20
    [~HUAWEI-ui-vty5-20] authentication-mode aaa
  3. Check that an ACL with deny rule is configured in the VTY user interface view.

    If an ACL has already been bound to VTY user interfaces, verify that the configured ACL rule does not deny IP addresses, port numbers, or protocol numbers of clients.

  4. Check that the access protocol configured in the VTY user interface view is correct.

    [~HUAWEI] user-interface vty 0 4
    [~HUAWEI-ui-vty0-4] display this
    user-interface vty 0 4
     authentication-mode aaa
     user privilege level 3
     idle-timeout 0 0
     protocol inbound ssh
    Run the protocol inbound { all | ssh | telnet } command to configure the user access protocol. By default, the user access protocol is Telnet.
    • If the user access protocol is SSH, the user cannot log in to the server through Telnet.
    • If the user access protocol "all", the user can log in to the server through Telnet or SSH.
  5. Check that the authentication mode is configured in the user interface view.

    • If you run the authentication-mode password command to configure the authentication mode for the user logging in to the server through the VTY channel to password, you can set the authentication password. Then, you can also run the set authentication password command to update the authentication password.

    • If you run the authentication-mode aaa command to configure the authentication mode to aaa then, you can run the local-user password command to add a local user.

  6. Contact Huawei technical support personnel for the following:

    • Results of the preceding troubleshooting procedures.
    • Configuration files, log files, and alarm files of the devices.
Translation
Download
Updated: 2019-01-02

Document ID: EDOC1100055014

Views: 5482

Downloads: 70

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next