基础/管理配置:
system-view quit return undo
display current-configuration display this
display this include-default save
//用户视图下 reboot
header login information \display hotkey
language-mode { chinese | english }
history-command max-size VALUE display history-command [ all-users ]
clock datetime HH:MM:SS YYYY-MM-DD
clock timezone time-zone-name { add | minus } offset
配置Console:
使用AAA验证:
user-interface console 0 authentication-mode aaa quit aaa
local-user ADMIN123 password irreversible-cipher ADMIN123 local-user ADMIN123 service-type terminal quit
使用密码验证:
user-interface console 0
authentication-mode password
set authentication password cipher ADMIN123
配置VTY(Telent):
telnet server enable aaa
local-user ADMIN123 password irreversible-cipher ADMIN123 local-user ADMIN123 privilege level 15 local-user ADMIN123 service-type telnet quit
user-interface maximum-vty 15
user-interface vty 0 4 user privilege level 15 authentication-mode aaa idle-timeout 10 0 quit
验证命令: display users
display user-interface maximum-vty display user-interface vty summary display local-user display vty mode
配置SSH:
使用本地用户密码方式(可使用rsa密钥方式) system-view
rsa local-key-pair create
//或dsa local-key-pair create //display rsa local-key-pair public //display dsa local-key-pair public stelnet server enable ssh server timeout 60
user-interface vty 0 4
authentication-mode aaa protocol inbound {all | ssh} //默认为telnet方式 aaa
local-user CLIENT001 password irreversible-cipher CLIENT001
local-user CLIENT001 privilege level 3 local-user CLIENT001 service-type ssh quit
ssh user CLIENT001 authentication-type password ssh user CLIENT001 service-type stelnet
display ssh user-information display ssh server status display ssh server session
ssh client first-time enable
Web网管(https):
system-view
http server load default http secure-server enable http timeout xxx aaa
local-user NAME password irreversible-cipher PASSWORD local-user NAME privilege level LEVEL //级别在3级以上具有管理权限 local-user NAME service-type http
display http user display http server
配置管理VLAN(L2 Switch):
vlan 4000 name MGMT
management-vlan
//Vlan1不能配置为管理VLAN quit
undo interface vlanif1
//只支持1个VLANIF接口,所以需要删除vlanif1
interface vlanif 4000 ip address x.x.x.x y.y.y.y
display vlan
//带有*的VLAN为管理VLAN
Display查看设备状态:
display device display esn display version display power
display power system
display voltage {all | slot SLOT-ID}
display temperature {all | slot SLOT-ID} display fan
display fan-para {all | slot SLOT-ID} display cpu-usage [slave | slot SLOT-ID]
display cpu-usage configuratoin [slave | slot SLOT-ID] display memory-usage [slave | slot SLOT-ID] display memory-usage threshold [slot SLOT-ID] display environment version
display this
display this interface display system-mac
display elabel [ chassis-id[/slot-id][/subcard-id ] ] [ brief ] display elabel backplane chassis chassis-id display diagnostic-information
display health
display transceiver [ interface interface-type interface-number | slot slot-id ] [ verbose ] display spu-information
硬件管理:
reset slot slot-id [ all | master ] //复位单板 slave restart
//复位备用主控板
display switchover state slave switchover enable //使能主备倒换功能 slave switchover
