首页 > 其他分享 >H3C 设备配置文件备份还原实验

H3C 设备配置文件备份还原实验

时间:2024-02-05 17:01:17浏览次数:41  
标签:H3C 14 配置文件 level 备份 2024 role Jan R1

H3C 设备配置文件备份还原实验

H3C模拟器搭建实验,仅为参考(2024年1月14日)

实验拓扑

image.png

实验需求

1、按照图示连接到真机,并配置IP地址(真机IP地址配置到VirtualBox Host-Only Ethernet Adapter网卡)
2、R1保存当前配置
3、在R1上开启FTP服务
4、使用真机访问FTP服务,把R1的配置文件拷贝到本地
5、在R1上清空配置,重启R1,确认已配置为空配状态
6、再次在R1开启FTP服务,并把真机拷贝的配置文件还原到路由器
7、更改R1的启动配置文件名
8、再次重启R1,确认配置已还原

实验步骤

配置IP地址

R1接口配置

#
 sysname R1
#
interface GigabitEthernet0/1
 ip address 192.168.56.2 255.255.255.0

PC接口配置

Host_1 192.168.56.1/24

image.png

3.2R1开启FTP服务,创建用test​,密码12345678​,保存当前配置

开启FTP服务

#
 ftp server enable

密码复杂度关闭

(实验阶段可全部关闭,在实际项目实施中建议依据安全原则设定密码强度)

#
 undo password-control length enable        //关闭最小密码长度
 undo password-control composition enable    //关闭指定密码类型组合

创建FTP用户,配置密码,设置用户权限,服务类型

#
local-user test class manage
 password hash $h$6$RNu+OxTxuo4e7ryK$YS82RTXhoaYJodktLHwfLzWEklrJZgMHFUT/v0q0GBAQYpz6XheSMiKIUBzHYCs+Q9Ix33Cuo3aHx6bbiBgCXg<span style="font-weight: bold;" class="mark">
 service-type ftp
 authorization-attribute user-role level-15
 authorization-attribute user-role network-operator

保存当前配置

[R1]save
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
Validating file. Please wait...
Configuration is saved to device successfully.

<R1>dir
Directory of flash: (VFAT)
   0 drw-           - Jan 14 2024 18:03:00   diagfile
   1 -rw-         252 Jan 14 2024 18:53:08   ifindex.dat
   2 -rw-       43136 Jan 14 2024 18:03:00   licbackup
   3 -rw-       43136 Jan 14 2024 18:03:00   licnormal
   4 drw-           - Jan 14 2024 18:47:48   logfile
   5 -rw-           0 Jan 14 2024 18:03:00   msr36-cmw710-boot-r0424p22.bin
   6 -rw-           0 Jan 14 2024 18:03:00   msr36-cmw710-system-r0424p22.bin
   7 drw-           - Jan 14 2024 18:03:00   seclog
   8 -rw-        2604 Jan 14 2024 18:53:08   startup.cfg
   9 -rw-       43790 Jan 14 2024 18:53:08   startup.mdb

1046512 KB total (1046340 KB free)

使用FTP访问R1,备份配置文件

使用资源管理器访问FTP服务

image.png

image.png

复制R1的配置文件

将startup.cfg和startup.mdb 两个文件进行备份

image.png

清空R1配置

恢复出厂设置

<R1>reset saved-configuration 
The saved configuration file will be erased. Are you sure? [Y/N]:y
Configuration file in flash: is being cleared.  
Please wait ...
Configuration file is cleared.

重启

<R1>reboot
Start to check configuration with next startup configuration file, please wait.........DONE!
Current configuration may be lost after the reboot, save current configuration? [Y/N]:n    //不保存
This command will reboot the device. Continue? [Y/N]:y
Now rebooting, please wait...
%Jan 14 18:47:49:981 2024 R1 DEV/5/SYSTEM_REBOOT: System is rebooting now.

空配置状态

<H3C>dir
Directory of flash: (VFAT)
   0 drw-           - Jan 14 2024 18:03:00   diagfile
   1 -rw-         252 Jan 14 2024 18:53:08   ifindex.dat
   2 -rw-       43136 Jan 14 2024 18:03:00   licbackup
   3 -rw-       43136 Jan 14 2024 18:03:00   licnormal
   4 drw-           - Jan 14 2024 18:47:48   logfile
   5 -rw-           0 Jan 14 2024 18:03:00   msr36-cmw710-boot-r0424p22.bin
   6 -rw-           0 Jan 14 2024 18:03:00   msr36-cmw710-system-r0424p22.bin
   7 drw-           - Jan 14 2024 18:03:00   seclog

1046512 KB total (1046388 KB free)

<H3C>dis cu
#
 version 7.1.064, Release 0427P22
#
 sysname H3C
#
 system-working-mode standard
 xbar load-single
 password-recovery enable
 lpu-type f-series
#
vlan 1
#
interface Serial1/0
#
interface Serial2/0
#
interface Serial3/0
#
interface Serial4/0
#
interface NULL0
#
interface GigabitEthernet0/0
 port link-mode route
 combo enable copper
#
interface GigabitEthernet0/1
 port link-mode route
 combo enable copper

还原R1配置

再次把R1的GE0/1口配置IP地址,并开启FTP(略)

使用FTP上传备份文件(略)

加载原备份配置文件

<H3C>startup saved-configuration startup.cfg 
Please wait...... Done.

重启

<H3C>reboot
Start to check configuration with next startup configuration file, please wait.........DONE!
Current configuration may be lost after the reboot, save current configuration? [Y/N]:n
This command will reboot the device. Continue? [Y/N]:y

检验配置还原状态

%Jan 14 19:20:50:026 2024 H3C DEV/5/SYSTEM_REBOOT: System is rebooting now.
Cryptographic algorithms tests passed.
Line con0 is available.
Press ENTER to get started.
<R1>%Jan 14 19:21:11:296 2024 R1 SHELL/5/SHELL_LOGIN: Console logged in from con0.
<R1>dis cu
#
 version 7.1.064, Release 0427P22
#
 sysname R1
#
 system-working-mode standard
 xbar load-single
 password-recovery enable
 lpu-type f-series
#
vlan 1
#
interface Serial1/0
#
interface Serial2/0
#
interface Serial3/0
#
interface Serial4/0
#
interface NULL0
#
interface GigabitEthernet0/0
 port link-mode route
 combo enable copper
#
interface GigabitEthernet0/1
 port link-mode route
 combo enable copper
 ip address 192.168.56.2 255.255.255.0
#
interface GigabitEthernet0/2
 port link-mode route
 combo enable copper
#
interface GigabitEthernet5/0
 port link-mode route
 combo enable copper
#
interface GigabitEthernet5/1
 port link-mode route
 combo enable copper
#
interface GigabitEthernet6/0
 port link-mode route
 combo enable copper
#              
interface GigabitEthernet6/1
 port link-mode route
 combo enable copper
#
 scheduler logfile size 16
#
line class aux
 user-role network-operator
#
line class console
 user-role network-admin
#
line class tty
 user-role network-operator
#
line class vty
 user-role network-operator
#
line aux 0
 user-role network-operator
#
line con 0
 user-role network-admin
#
line vty 0 63
 user-role network-operator
#
 undo password-control length enable 
 undo password-control composition enable 
#
domain system
#
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#              
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user test class manage
 password hash $h$6$RNu+OxTxuo4e7ryK$YS82RTXhoaYJodktLHwfLzWEklrJZgMHFUT/v0q0GBAQYpz6XheSMiKIUBzHYCs+Q9Ix33Cuo3aHx6bbiBgCXg</span>
 service-type ftp
 authorization-attribute user-role level-15
 authorization-attribute user-role network-operator
#
 ftp server enable
#
return
<R1>  
<R1>dir
Directory of flash: (VFAT)
   0 drw-           - Jan 14 2024 19:10:48   diagfile
   1 -rw-       43136 Jan 14 2024 19:10:48   licbackup
   2 -rw-       43136 Jan 14 2024 19:10:48   licnormal
   3 drw-           - Jan 14 2024 19:13:00   logfile
   4 -rw-           0 Jan 14 2024 19:10:48   msr36-cmw710-boot-r0424p22.bin
   5 -rw-           0 Jan 14 2024 19:10:48   msr36-cmw710-system-r0424p22.bin
   6 drw-           - Jan 14 2024 19:10:48   seclog
   7 -rw-        2604 Jan 14 2024 19:17:28   startup.cfg
   8 -rw-       43790 Jan 14 2024 19:17:28   startup.mdb

1046512 KB total (1046344 KB free)

自此配置还原成功

备注

配置密码时不符合设备出厂默认安全要求时提示的如下信息:

The new password is too short. It must contain at least 10 characters.
新密码太短。它必须至少包含10个字符。

Invalid password composition. The new password must contain at least 2 types and at least 1 characters for each type.
密码组合无效。新密码必须至少包含2种类型,每种类型至少包含1个字符。

实验附件

H3C设备配置文件备份还原实验.zip

标签:H3C,14,配置文件,level,备份,2024,role,Jan,R1
From: https://www.cnblogs.com/caomojian/p/18008449/h3c-device-configuration-file-backup-and-rest

相关文章

  • H3C vlan基础配置实验
    H3Cvlan基础配置实验实验拓扑实验需求1、按图示为PC配置IP地址2、SW1和SW2上分别创建vlan10和vlan20,要求PC1和PC3属于vlan10,PC2和PC4属于vlan203、SW1和SW2相连的接口配置为trunk类型,允许vlan10和vlan20通过4、测试效果,同一vlan的PC可以互通,不同vlan的PC无法互通实验步......
  • H3C 单臂路由实验
    H3C单臂路由实验实验拓扑​​实验需求按照图示为PC1和PC2配置IP地址和网关PC1属于Vlan10,PC2属于Vlan20,配置单臂路由实现Vlan10和Vlan20三层互通PC1和PC2可以互通实验步骤PC配置IP地址(略)配置单臂路由实现Vlan10和Vlan20三层互通用单臂路由实现V......
  • H3C 三层交换实验
    H3C三层交换实验实验拓扑​​实验需求按照图示为PC1和PC2配置IP地址和网关PC1属于Vlan10,PC2属于Vlan20,在三层交换机上配置Vlanif三层接口实现Vlan10和Vlan20三层互通PC1和PC2可以互通实验步骤PC配置IP地址(略)SW1配置创建VLAN10和VLAN20#vlan10......
  • H3C ACL配置实验
    H3CACL配置实验实验拓扑​​实验需求按照图示配置IP地址全网路由互通在SERVER1上配置开启TELNET和FTP服务配置ACL实现如下效果​192.168.1.0/24​网段不允许访问192.168.2.0/24​网段,要求使用基本ACL实现PC1可以访问SERVER1的TELNET服务,但......
  • H3C PPP认证基本配置实验
    H3CPPP认证基本配置实验实验拓扑​​实验需求R1和R2使用PPP链路直连,R2和R3把2条PPP链路捆绑为PPPMP直连按照图示配置IP地址R2对R1的PPP进行单向chap验证R2和R3的PPP进行双向chap验证实验步骤R2和R3把2条PPP链路捆绑为PPPMP......
  • Nginx--安装&&配置文件
    官网:http://nginx.org/en/download.htmlnginx版本:1.18一 安装1下载预编译环境(预编译报错需要安装什么库直接在库名后面接-devel 使用yum下载)yum-yinstallpcre-developenssl-develgccgcc-c++2 创建用户,解压包useradd-M-r-s/sbin/nologinnginxtarxvfnginx-1.......
  • Nginx--引用多配置文件
    在nginx.conf的http模块,include指定某个目录下的*.confusernginx;worker_processesauto;error_log/var/log/nginx/error.log;pid/run/nginx.pid;#Loaddynamicmodules.See/usr/share/nginx/README.dynamic.include/usr/share/nginx/modules/*.conf;events{......
  • DNS--安装&&配置文件
    1 下载#下载服务yum-yinstallbind#下载解析工具yum-yinstallbind-utils 2 配置文件主配置文件/etc/named.conf区配置文件/var/named/配置文件模板/usr/share/doc/bind-9.8.2/sample 3 协议及端口TCP53主要用于主从同步,需要的是可靠的数......
  • h3c交换机配置登录口令强度要求、更换要求
    H3C交换机的具体命令可能会根据不同的设备型号和软件版本有所不同。以下是一些通用的命令示例,你可以根据你的具体情况进行调整:1.登录口令强度要求:设置最小密码长度:[Switch]aaa[Switch-aaa]local-useruser1password-min-length8设置密码复杂性:[Switch]aaa[Switch-aaa]loc......
  • 幻兽帕鲁客户端存档文件 - 云上备份和恢复教程
    本文将详细介绍如何将幻兽帕鲁游戏客户端的存档文件备份至云端,以及如何从云端恢复存档数据至本地。一、游戏存档备份场景幻兽帕鲁的游戏进度存储在电脑本地磁盘上,游戏中创建的每个世界都对应一个本地存档文件夹。在玩游戏过程中,客户端会自动定时将游戏进度状态保存为快照,存放在......