交换机配置白板
lldp enable 开启邻居
stp enable 开启生成树
gvrp 开启同步vlan
vlan 2 3 4 创建vlan
int g1/0/24 //Trunk 接口
descrip XXXXX
port link-type trunk
port trunk permit vlan all
gvrp
int g1/0/24 //access接口
port link-type access
port access vlan 3
ip route-static 0.0.0.0 0.0.0.0 1.1.1.1 //默认路由
时间配置
[H3C] clock protocol none
[H3C] clock timezone beijing add 8
<H3C> clock datetime hh:mm:ss year/month/day
版本5.2 ssh配置
ssh server enable //ssh登录配置
public-key local create rsa
public-key local create dsa
local-user anonymous
pass cip 密码
service-type ssh ter
authori level 3
local-user hqyunwei
pass cip 密码
service-type ssh ter
authori level 3
user-inter vty 0 4
authen sch
版本3.1 ssh配置
rsa local-key-pair create //F100-C-EI version3.4 生成key
public-key local create rsa
public-key local create dsa
ssh user anonymous authentication-type password
ssh user anonymous service-type stelnet
ssh user hqyunwei authentication-type password
ssh user hqyunwei service-type stelnet
local-user anonymous
pass cip 密码
service-type ssh ter
level 3
local-user hqyunwei
pass cip 密码
service-type ssh ter
level 3
user-inter vty 0 4
authen sch
版本7.1 ssh配置
ssh ser en
public-key local create rsa
public-key local create dsa
local-user anonymous class manage
password simple 密码
service-type ssh terminal
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
local-user hqyunwei class manage
password simple 密码
service-type ssh terminal
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
user-inter vty 0 4
authen sch
华为防火墙SSH配置
stelnet server enable
rsa local-key-pair create
aaa
manager-user anonymous
password cipher 密码
service-type terminal ssh
level 15
manager-user hqyunwei
password cipher 密码
service-type terminal ssh
level 15
user-interface vty 0 4
authentication-mode aaa
华为交换机SSH配置
stelnet server enable
rsa local-key-pair create
local-user admin password irreversible-cipher 密码
local-user admin privilege level 15
local-user admin service-type telnet terminal ssh
user-interface vty 0 4
authentication-mode aaa
华为防火墙禁止Ping及tracert
security-policy
rule name untrust_local_tracert
source-zone untrust
destination-zone local
service icmp
action deny
rule name ANY-ANY
action permit
外部接口
service-man ping deny