大家好,又见面了,我是你们的朋友全栈君。
H3C 交换机配置命令 三层和二层交换机配置命令
dis this 查看下属命令 save 保存 reboot 重启
初始化命令和提示选项 reset saved-configuration 初始—-清除所有配置信息后 提示是否初始化:The saved configuration file will be erased. Are you sure? Y
reboot 重启 初始化密码h3c 提示保留配置:This command will reboot the device. Current configuration will be lost, save current configuration?N
提示是否重启:This command will reboot the device. Continue?Y
删除vlan里ip地址 [H3C]interface Vlan20(vlan名称) [H3C-vlan-interface20]no ip address
端口添加VLAN [H3C]interface GigabitEthernet1/0/1 [H3C-vlan-GigabitEthernet1/0/1]port access vlan 20 [H3C-vlan-GigabitEthernet1/0/1]quit
批量修改/添加VLAN [H3C ]vlan 216 [H3C-vlan216]port ethernet 1/0/23 to ethernet 1/0/28 (连续端口批量添加IP) [H3C-vlan216]port ethernet 1/0/2 ethernet 1/0/4 ethernet 1/0/6 (断续端口批量添加IP)
删除vlan [H3C]int g 1/0/1 [H3C-vlan-GigabitEthernet1/0/1]undo port access vlan 20 [H3C-vlan-GigabitEthernet1/0/1]quit 再删除配置接口 [H3C]undo int vlan 20(删除所有在vlan20下的GE接口) 删除VLAN [H3C]undo vlan 20(删除所创建后的vlan20)
如要删除interface GigabitEthernet 1/0/47里的下列命令 port link-type trunk port trunk permit vlan all port link-aggregation group 4
在port前加上undo删除 [H3C]interface GigabitEthernet1/0/47 [H3C-vlan-GigabitEthernet1/0/47]undo port link-aggregation group [H3C-vlan-GigabitEthernet1/0/47]undo port trunk permit vlan all [H3C-vlan-GigabitEthernet1/0/47]undo port link-type trunk 或 undo port link-type
删除alc单条命令 [H3C]acl number 3000 [H3C_CS1-acl-adv-3000]undo rule 1
1.password认证telnet登录方式 system-view 进入系统视图 [H3C]sysname H3C_IS4 改名称 [H3C_IS4]telnet server enable 启用telnet [H3C_IS4]user-interface vty 0 4 [H3C_IS4-line-vty0-4]authentication-mode password 不需要输入用户名,只输入密码登录 authentication-mode scheme 设置用户远程登录方式为使用用户名和密码 [H3C_IS4-line-vty0-4]user-role admin (s3100在创建用户时在视图窗口“[H3C]”下,[H3C] local-user admin 命令) [H3C_IS4-line-vty0-4]user-role level-15 (s3100创建权限使用:user privilege level 3user privilege level-15) [H3C_IS4-line-vty0-4]set authentication password simple jkzx is4(密码) [H3C_IS4-line-vty0-4]screen-length 30 [H3C_IS4-line-vty0-4]history-command max-size 20 [H3C_IS4-line-vty0-4]idle-timeout 6 [H3C_IS4-line-vty0-4]protocol inbound telnet
2.passeord认证console口登录方式 system-view 进入系统视图 [H3C]sytname H3C_IS4 改名称 [H3C_IS4]user-interface aux 0 [H3C_IS4-ui-aux0]authentication-mode password [H3C_IS4-ui-aux0]user-role admin (s3100在创建用户时在视图窗口“[H3C]”下,[H3C] local-user admin 命令) [H3C_IS4-ui-aux0]user-role level-15 (s3100创建权限使用:user privilege level 3) [H3C_IS4-ui-aux0]set authentication password simple jkzx is4(密码) [H3C_IS4-ui-aux0]screen-lengthe 30 [H3C_IS4-ui-aux0]history-command max-size 20 [H3C_IS4-ui-aux0]idle-timeout 5 [H3C_IS4-ui-aux0]speed 9600(超级链接端口设置 9600 19200等)
3.web方式登录 system-view 进入系统视图 [H3C]sytname H3C_IS4 改名称 [H3C_IS4]vlan 20 [H3C_IS4]interface vlan-interface 20 [H3C_IS4-vlan-interface20]ip address 172.16.0.14 255.255.255.224 [H3C_IS4-vlan-interface20]quit [H3C_IS4]ip route-static 0.0.0.0 0.0.0.0 172.16.0.1 指定下一跳地址 [H3C_IS4] [H3C_IS4]ip http enable [H3C_IS4]ip https enable [H3C_IS4]local-user admin [H3C_IS4-luser-admin]authorization-attribute user-role level-15 (service-type telnet level-15) [H3C_IS4-luser-admin]passeword simple jkzx is4(密码) [H3C_IS4-luser-admin]service-type http https 启用http和https服务。 [H3C_IS4-luser-admin]service-type telnet terminal [H3C_IS4-luser-admin]authorization-attribute user-role network-admin [H3C_IS4-luser-admin]quit [H3C_IS4]save(保存)
4.Vlan [H3C_IS4]vlan 100 to 133 [H3C_IS4]stp global enable 全局启用 [H3C_IS4]interface Bridge-Aggregation 4 [H3C_IS4-Bridge-Aggregation4]port link-type trunk [H3C_IS4-Bridge-Aggregation4]port trunk permit vlan all [H3C_IS4-Bridge-Aggregation4]quit [H3C_IS4] [H3C_IS4]interface GigabitEthernet 1/0/4 [H3C_IS4-GigabitEthernet1/0/47]port link-type trunk [H3C_IS4-GigabitEthernet1/0/47]port trunk permit vlan all [H3C_IS4-GigabitEthernet1/0/47]port link-aggregation group 4 [H3C_IS4] [H3C_IS4]undo info-center logfile enable 开启系统视图
三层配置ACL后二层不用配置ACL
ACL登录用户控制 system-view 进入系统视图 [H3C]sytname H3C_IS4 改名称 [H3C_IS4] [H3C_IS4]acl number2000 进入acl 2000视图 [H3C_IS4-acl-basic-2000]rule 1 permit source 10.0.10.111 0 [H3C_IS4-acl-basic-2000]rule 2 permit source 10.0.10.122 0 [H3C_IS4-acl-basic-2000]rule 3 deny soure any 仅允许10.111和10.112访问telnet snmp web访问交换机 [H3C_IS4-acl-basic-2000]quit
ip对telnet用户进行控制 [H3C_IS4]acl number2000 进入acl 2000视图 [H3C_IS4-acl-basic-2000]rule 1 permit source 10.0.10.111 0 [H3C_IS4-acl-basic-2000]rule 2 permit source 10.0.10.122 0 [H3C_IS4-acl-basic-2000]rule 3 deny soure any 仅允许10.111和10.112访问telnet snmp web访问交换机 [H3C_IS4-acl-basic-2000]quit [H3C_IS4] [H3C_IS4]user-interface vty 0 4 [H3C_IS4-ui-vty0-4]acl 2000 inbound [H3C_IS4-ui-vty0-4]quit
ip对网管用户进行控制 [H3C_IS4]acl number2000 进入acl 2000视图 [H3C_IS4-acl-basic-2000]rule 1 permit source 10.0.10.111 0 [H3C_IS4-acl-basic-2000]rule 2 permit source 10.0.10.122 0 [H3C_IS4-acl-basic-2000]rule 3 deny soure any 仅允许10.111和10.112访问telnet snmp web访问交换机 [H3C_IS4-acl-basic-2000]quit [H3C_IS4] [H3C_IS4]snmp-agent communtiy read aaa acl 2000 [H3C_IS4]snmp-agent group v2c groupa acl 2000 [H3C_IS4]snmp-agent usm-user v2c usera groupa acl 2000
ip对web用户进行控制 [H3C_IS4]acl number2000 进入acl 2000视图 [H3C_IS4-acl-basic-2000]rule 1 permit source 10.0.10.111 0 [H3C_IS4-acl-basic-2000]rule 2 permit source 10.0.10.122 0 [H3C_IS4-acl-basic-2000]rule 3 deny soure any 仅允许10.111和10.112访问telnet snmp web访问交换机 [H3C_IS4-acl-basic-2000]quit [H3C_IS4] [H3C_IS4]ip http acl 2000
FTP [h3c]local-user ftp [h3c-local-user-ftp]password simple 123456 [h3c-local-user-ftp]service-type ftp 交换为s5120系列-V7平台需要加入下来命令: [h3c-local-user-ftp]authorization-attribute user-role level-15 [h3c-local-user-ftp]authorization-attribute user-role network-admin [h3c-local-user-ftp]authorization-attribute user-role network-operator 启用ftp服务 [h3c]ftp server enable
下载配置文件 运行CMD,或者附件里打开命令提示符
ftp 172.16.0.22 ip地址 用户名:ftp 输入用户 密码:jkzx iscs 输入密码 ftp> dir 配置文件名称命令 ftp>get config.cfg 下载配置文件config.cfg; 文件保存在C:用户用户名文件夹里。 例如:我的电脑登录用户ghq,配置文件保存在C:Usersghq ftp>quit 退出
发布者:全栈程序员栈长,转载请注明出处:https://javaforall.cn/151571.html原文链接:https://javaforall.cn
