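HCNP Comprehensive Lab
Comprehensive Lab: HCNP Small Network
Lab Topology
Lab Requirements
- Build the network environment according to the topology. The topology is divided into headquarters and Branch 2; device IP addresses are listed in the IP address plan.
- The four headquarters switches run MSTP to prevent loops and provide link redundancy. SW1 is the primary root for VLAN 10 and SW2 is the primary root for VLAN 20.
- SW1 and SW2 run VRRP, and the PCs use the virtual router as their gateway. VLAN 10 traffic must be forwarded by SW1 and VLAN 20 traffic by SW2.
- Headquarters and Branch 2 both run OSPF; headquarters belongs to AREA 0 and Branch 2 belongs to AREA 1. For security, interface authentication must be enabled on the links between headquarters and Branch 2, with the authentication password SPOTO.
- Headquarters AREA 0 learns a default route through OSPF.
- Headquarters and Branch 2 belong to different autonomous systems and must be interconnected with BGP.
- The three routers in Branch 2 establish IBGP neighbors over their loopback interfaces, and R4 advertises Loopback1 and Loopback2.
- By modifying the MED, make R1 prefer R2 for the route to 172.16.10.1 and R3 for the route to 172.16.20.1.
- R5 simulates the carrier's device. Headquarters needs Internet access, but only VLAN 10 devices are allowed. Configure NAT on R1 and test by pinging R5 from PC1 and PC2.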
IP Address Plan
| Device | Interface | IP address |
| --- | --- | --- |
| R1 | GigabitEthernet0/0/0 | 192.168.11.1/24 |
| R1 | GigabitEthernet0/0/1 | 192.168.12.1/24 |
| R1 | GigabitEthernet0/0/2 | FC00:0:0:1000::1 |
| R1 | GigabitEthernet4/0/0 | 12.0.0.1/24 |
| R1 | GigabitEthernet4/0/1 | 13.0.0.1/24 |
| R1 | GigabitEthernet4/0/2 | 100.0.0.1/30 |
| R1 | Loopback 0 | 1.1.1.1/32 |
| R1 | Tunnel0/0/0 | 16.0.0.1/24 |
| R2 | GigabitEthernet0/0/0 | 12.0.0.2/24 |
| R2 | GigabitEthernet0/0/1 | 24.0.0.2/24 |
| R2 | Loopback 0 | 2.2.2.2/24 |
| R3 | GigabitEthernet0/0/0 | 13.0.0.3/24 |
| R3 | GigabitEthernet0/0/1 | 34.0.0.3/24 |
| R3 | Loopback 0 | 3.3.3.3/32 |
| R4 | GigabitEthernet0/0/0 | 24.0.0.4/24 |
| R4 | GigabitEthernet0/0/1 | 34.0.0.4/24 |
| R4 | Loopback 0 | 4.4.4.4/32 |
| R4 | Loopback 1 | 172.16.10.1/32 |
| R4 | Loopback 2 | 172.16.20.1/32 |
| R5 | GigabitEthernet0/0/0 | 100.0.0.2/30 |
| SW1 | Vlanif 10 | 192.168.10.252/24 |
| SW1 | Vlanif 20 | 192.168.20.252/24 |
| SW1 | Vlanif 100 | 192.168.11.2/24 |
| SW2 | Vlanif 10 | 192.168.10.253/24 |
| SW2 | Vlanif 20 | 192.168.20.253/24 |
| SW2 | Vlanif 100 | 192.168.12.2/24 |
| PC1 | VLAN 10 | 192.168.10.1/24 |
| PC2 | VLAN 20 | 192.168.20.2/24 |
| PC3 | VLAN 10 | 192.168.10.3/24 |
| PC4 | VLAN 20 | 192.168.20.4/24 |
| VRRP | VRID 1 | 192.168.10.254/24 |
| VRRP | VRID 2 | 192.168.20.254/24 |
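Summary:
- Configure MSTP on the four switches
- VLAN 10: SW1 is the primary root
- VLAN 20: SW2 is the primary root
- SW1 and SW2 run VRRP
- Headquarters and the branch both run OSPF
- Headquarters is OSPF area 0
- The branch is OSPF area 1
- The two sites are interconnected with BGP
- The three routers in Branch 2 establish IBGP neighbors over their loopback interfaces
1. Configure IP addresses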
"=============R1============="
[R1]ospfv3 1
[R1-ospfv3-1]router-id 1.1.1.1
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]ip address 192.168.11.1 24
[R1]interface GigabitEthernet 0/0/1
[R1-GigabitEthernet0/0/1]ip address 192.168.12.1 24
[R1]interface GigabitEthernet 0/0/2
[R1-GigabitEthernet0/0/2]ipv6 enable
[R1-GigabitEthernet0/0/2]ipv6 address FC00:0:0:1000::1/64
[R1-GigabitEthernet0/0/2]ospfv3 1 area 0
[R1]interface GigabitEthernet 4/0/0
[R1-GigabitEthernet4/0/0]ip address 12.0.0.1 24
[R1]interface GigabitEthernet 4/0/1
[R1-GigabitEthernet4/0/1]ip address 13.0.0.1 24
[R1]interface GigabitEthernet 4/0/2
[R1-GigabitEthernet4/0/2]ip address 100.0.0.1 30
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 1.1.1.1 32
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]ip address 16.0.0.1 24
[R1-Tunnel0/0/0]tunnel-protocol ipv4-ipv6
[R1-Tunnel0/0/0]source GigabitEthernet 0/0/2
[R1-Tunnel0/0/0]destination FC00:0:0:2000::6
"=============R2============="
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]ip address 12.0.0.2 24
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 24.0.0.2 24
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 2.2.2.2 24
"=============R3============="
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]ip address 13.0.0.3 24
[R3]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]ip address 34.0.0.3 24
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 3.3.3.3 32
"=============R4============="
[R4]interface GigabitEthernet 0/0/0
[R4-GigabitEthernet0/0/0]ip address 34.0.0.4 24
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]ip address 24.0.0.4 24
[R4]interface LoopBack 0
[R4-LoopBack0]ip address 4.4.4.4 32
[R4]interface LoopBack 1
[R4-LoopBack1]ip address 172.16.10.1 32
[R4]interface LoopBack 2
[R4-LoopBack2]ip address 172.16.20.1 32
"=============R5============="
[Huawei]interface GigabitEthernet 0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 100.0.0.2 255.255.255.252
2. Configure the switches
"=============SW1============="
[SW1]vlan batch 10 20 100
[SW1]interface Vlanif 10
[SW1-Vlanif10]ip address 192.168.10.252 24
[SW1]interface Vlanif 20
[SW1-Vlanif20]ip address 192.168.20.252 24
[SW1]interface Vlanif 100
[SW1-Vlanif100]ip address 192.168.11.2 24
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type trunk
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[SW1]interface GigabitEthernet 0/0/3
[SW1-GigabitEthernet0/0/3]port link-type trunk
[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 100
"=============SW2============="
[SW2]vlan batch 10 20 100
[SW2]interface Vlanif 10
[SW2-Vlanif10]ip address 192.168.10.253 24
[SW2]interface Vlanif 20
[SW2-Vlanif20]ip address 192.168.20.253 24
[SW2]interface Vlanif 100
[SW2-Vlanif100]ip address 192.168.12.2 24
[SW2]interface GigabitEthernet 0/0/2
[SW2-GigabitEthernet0/0/2]port link-type trunk
[SW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[SW2]interface GigabitEthernet 0/0/3
[SW2-GigabitEthernet0/0/3]port link-type trunk
[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan all
[SW2]interface GigabitEthernet 0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 100
"=============SW3============="
[SW3]vlan batch 10 20 100
[SW3]interface GigabitEthernet 0/0/3
[SW3-GigabitEthernet0/0/3]port link-type access
[SW3-GigabitEthernet0/0/3]port default vlan 10
[SW3]interface GigabitEthernet 0/0/4
[SW3-GigabitEthernet0/0/4]port link-type access
[SW3-GigabitEthernet0/0/4]port default vlan 20
[SW3]interface GigabitEthernet 0/0/2
[SW3-GigabitEthernet0/0/2]port link-type trunk
[SW3-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[SW3]interface GigabitEthernet 0/0/1
[SW3-GigabitEthernet0/0/1]port link-type trunk
[SW3-GigabitEthernet0/0/1]port trunk allow-pass vlan all
"=============SW4============="
[SW4]vlan batch 10 20 100
[SW4]interface GigabitEthernet 0/0/3
[SW4-GigabitEthernet0/0/3]port link-type access
[SW4-GigabitEthernet0/0/3]port default vlan 10
[SW4]interface GigabitEthernet 0/0/4
[SW4-GigabitEthernet0/0/4]port link-type access
[SW4-GigabitEthernet0/0/4]port default vlan 20
[SW4]interface GigabitEthernet 0/0/2
[SW4-GigabitEthernet0/0/2]port link-type trunk
[SW4-GigabitEthernet0/0/2]port trunk allow-pass vlan all
[SW4]interface GigabitEthernet 0/0/1
[SW4-GigabitEthernet0/0/1]port link-type trunk
[SW4-GigabitEthernet0/0/1]port trunk allow-pass vlan all
3. Configure link aggregation
Configure an aggregated link (Eth-Trunk) between SW1 and SW2 to increase bandwidth.
"=============SW1============="
[SW1]interface Eth-Trunk 1
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/4
[SW1-Eth-Trunk1]trunkport GigabitEthernet 0/0/5
[SW1-Eth-Trunk1]port link-type trunk
[SW1-Eth-Trunk1]port trunk allow-pass vlan all
"=============SW2============="
[SW2]interface Eth-Trunk 1
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/4
[SW2-Eth-Trunk1]trunkport GigabitEthernet 0/0/5
[SW2-Eth-Trunk1]port link-type trunk
[SW2-Eth-Trunk1]port trunk allow-pass vlan all
4. Configure MSTP (Multiple Spanning Tree Protocol)
"=============SW1============="
[SW1]stp mode mstp
[SW1]stp region-configuration
[SW1-mst-region]region-name spoto
[SW1-mst-region]instance 1 vlan 10
[SW1-mst-region]instance 2 vlan 20
[SW1-mst-region]active region-configuration
[SW1]stp instance 1 root primary
[SW1]stp instance 2 root secondary
"=============SW2============="
[SW2]stp mode mstp
[SW2]stp region-configuration
[SW2-mst-region]region-name spoto
[SW2-mst-region]instance 1 vlan 10
[SW2-mst-region]instance 2 vlan 20
[SW2-mst-region]active region-configuration
[SW2]stp instance 1 root secondary
[SW2]stp instance 2 root primary
"=============SW3============="
[SW3]stp mode mstp
[SW3]stp region-configuration
[SW3-mst-region]region-name spoto
[SW3-mst-region]instance 1 vlan 10
[SW3-mst-region]instance 2 vlan 20
[SW3-mst-region]active region-configuration
"=============SW4============="
[SW4]stp mode mstp
[SW4]stp region-configuration
[SW4-mst-region]region-name spoto
[SW4-mst-region]instance 1 vlan 10
[SW4-mst-region]instance 2 vlan 20
[SW4-mst-region]active region-configuration
5. Configure the VRRP virtual IP
"=============SW1============="
[SW1]interface Vlanif 10
[SW1-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.254
[SW1-Vlanif10]vrrp vrid 1 priority 120
[SW1-Vlanif10]vrrp vrid 1 track interface GigabitEthernet 0/0/1 reduced 30
[SW1]interface Vlanif 20
[SW1-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.254
"=============SW2============="
[SW2]interface Vlanif 10
[SW2-Vlanif10]vrrp vrid 1 virtual-ip 192.168.10.254
[SW2]interface Vlanif 20
[SW2-Vlanif20]vrrp vrid 2 virtual-ip 192.168.20.254
[SW2-Vlanif20]vrrp vrid 2 priority 120
[SW2-Vlanif20]vrrp vrid 2 track interface GigabitEthernet 0/0/1 reduced 30
6. Configure OSPF
The branch OSPF area is AREA 1; headquarters is AREA 0.
"Configure OSPF for the branch"
"=============R1============="
[R1]ospf 1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 192.168.11.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 192.168.12.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R1-ospf-1]area 1
[R1-ospf-1-area-0.0.0.1]network 12.0.0.0 0.0.0.255
[R1-ospf-1-area-0.0.0.1]network 13.0.0.0 0.0.0.255
[R1-ospf-1-area-0.0.0.1]authentication-mode simple plain huawei
"=============R2============="
[R2]ospf 1
[R2-ospf-1]area 1
[R2-ospf-1-area-0.0.0.1]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.1]network 12.0.0.0 0.0.0.255
[R2-ospf-1-area-0.0.0.1]network 24.0.0.0 0.0.0.255
[R2-ospf-1-area-0.0.0.1]authentication-mode simple plain huawei
"=============R3============="
[R3]ospf 1
[R3-ospf-1]area 1
[R3-ospf-1-area-0.0.0.1]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.1]network 13.0.0.0 0.0.0.255
[R3-ospf-1-area-0.0.0.1]network 34.0.0.0 0.0.0.255
[R3-ospf-1-area-0.0.0.1]authentication-mode simple plain huawei
"=============R4============="
[R4]ospf 1
[R4-ospf-1]area 1
[R4-ospf-1-area-0.0.0.1]network 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.1]network 24.0.0.0 0.0.0.255
[R4-ospf-1-area-0.0.0.1]network 34.0.0.0 0.0.0.255
[R4-ospf-1-area-0.0.0.1]authentication-mode simple plain huawei
"Configure OSPF for headquarters"
"=============SW1============="
[SW1]ospf 1
[SW1-ospf-1]area 0
[SW1-ospf-1-area-0.0.0.0]network 192.168.11.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[SW1-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
"=============SW2============="
[SW2]ospf 1
[SW2-ospf-1]area 0
[SW2-ospf-1-area-0.0.0.0]network 192.168.12.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 192.168.10.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]network 192.168.20.0 0.0.0.255
[SW2-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
7. Configure BGP interconnection
Configure BGP peering on routers R1, R2, R3 and R4.
"=============R1============="
[R1]bgp 100
[R1-bgp]router-id 1.1.1.1
[R1-bgp]peer 12.0.0.2 as-number 200
[R1-bgp]peer 13.0.0.3 as-number 200
[R1-bgp]ipv4-family unicast
[R1-bgp-af-ipv4]undo synchronization
[R1-bgp-af-ipv4]peer 12.0.0.2 enable
[R1-bgp-af-ipv4]peer 13.0.0.3 enable
"=============R2============="
[R2]bgp 200
[R2-bgp]router-id 2.2.2.2
[R2-bgp]peer 3.3.3.3 as-number 200
[R2-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[R2-bgp]peer 4.4.4.4 as-number 200
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[R2-bgp]peer 12.0.0.1 as-number 100
[R2-bgp]ipv4-family unicast
[R2-bgp-af-ipv4]undo synchronization
[R2-bgp-af-ipv4]peer 3.3.3.3 enable
[R2-bgp-af-ipv4]peer 3.3.3.3 next-hop-local
[R2-bgp-af-ipv4]peer 4.4.4.4 enable
[R2-bgp-af-ipv4]peer 4.4.4.4 next-hop-local
[R2-bgp-af-ipv4]peer 12.0.0.1 enable
[R2-bgp-af-ipv4]peer 12.0.0.1 route-policy 1 export
"=============R3============="
[R3]bgp 200
[R3-bgp]router-id 3.3.3.3
[R3-bgp]peer 2.2.2.2 as-number 200
[R3-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[R3-bgp]peer 4.4.4.4 as-number 200
[R3-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[R3-bgp]peer 13.0.0.1 as-number 100
[R3-bgp]ipv4-family unicast
[R3-bgp-af-ipv4]undo synchronization
[R3-bgp-af-ipv4]peer 2.2.2.2 enable
[R3-bgp-af-ipv4]peer 2.2.2.2 next-hop-local
[R3-bgp-af-ipv4]peer 4.4.4.4 enable
[R3-bgp-af-ipv4]peer 4.4.4.4 next-hop-local
[R3-bgp-af-ipv4]peer 13.0.0.1 enable
[R3-bgp-af-ipv4]peer 13.0.0.1 route-policy 1 export
"=============R4============="
[R4]bgp 200
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2.2.2.2 as-number 200
[R4-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[R4-bgp]peer 3.3.3.3 as-number 200
[R4-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[R4-bgp]ipv4-family unicast
[R4-bgp-af-ipv4]undo synchronization
[R4-bgp-af-ipv4]network 172.16.10.1 255.255.255.255
[R4-bgp-af-ipv4]network 172.16.20.1 255.255.255.255
[R4-bgp-af-ipv4]peer 2.2.2.2 enable
[R4-bgp-af-ipv4]peer 2.2.2.2 next-hop-local
[R4-bgp-af-ipv4]peer 3.3.3.3 enable
[R4-bgp-af-ipv4]peer 3.3.3.3 next-hop-local
8. Configure ACLs on R1
Configure ACL access filtering.
"=============R1============="
[R1]acl number 2000
[R1-acl-basic-2000]rule 5 permit source 192.168.10.0 0.0.0.255
[R1]acl 3001
[R1-acl-adv-3001]rule 10 permit ip source 192.168.10.0 0.0.0.255 destination 172.16.10.1 0
[R1]acl 3002
[R1-acl-adv-3002]rule 10 permit ip source 192.168.20.0 0.0.0.255 destination 172.16.20.1 0
[R1]interface GigabitEthernet 4/0/0
[R1-GigabitEthernet4/0/0]nat outbound 2000
[R1]interface GigabitEthernet 4/0/2
[R1-GigabitEthernet4/0/2]nat outbound 2000
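9. Configure the route-policy on R2
Define a policy route that sets the next hop for packets destined for the Netcom address range to the Netcom gateway, and create a match rule based on an IP address prefix list.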
"=============R2============="
[R2]route-policy 1 permit node 10
[R2-route-policy]if-match ip-prefix 1
[R2-route-policy]apply cost 100
[R2]route-policy 1 permit node 20
[R2-route-policy]if-match ip-prefix 2
[R2-route-policy]apply cost 200
[R2]ip ip-prefix 1 index 10 permit 172.16.10.1 32
[R2]ip ip-prefix 2 index 10 permit 172.16.20.1 32
"=============R3============="
[R3]route-policy 1 permit node 10
[R3-route-policy]if-match ip-prefix 1
[R3-route-policy]apply cost 200
[R3]route-policy 1 permit node 20
[R3-route-policy]if-match ip-prefix 2
[R3-route-policy]apply cost 100
[R3]ip ip-prefix 1 index 10 permit 172.16.10.1 32
[R3]ip ip-prefix 2 index 10 permit 172.16.20.1 32
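How R1's choice follows from the MED values set by an export route-policy, as an added example (not part of the original lab). It assumes node 10 matches ip-prefix 1 and node 20 matches ip-prefix 2 with the costs mirrored on R3, and that all other BGP attributes tie so that MED decides; the function names are hypothetical.

```python
import ipaddress

# Constructed from this lab's requirement: ip-prefix 1 = Loopback1, ip-prefix 2 = Loopback2.
PREFIX_LISTS = {
    "1": [ipaddress.ip_network("172.16.10.1/32")],
    "2": [ipaddress.ip_network("172.16.20.1/32")],
}

# Route-policy nodes as (node, ip-prefix name, MED). Assumed values:
# R2 advertises the lower MED for Loopback1, R3 for Loopback2.
POLICIES = {
    "R2": [(10, "1", 100), (20, "2", 200)],
    "R3": [(10, "1", 200), (20, "2", 100)],
}


def apply_policy(nodes, route):
    """Return the MED set by the first matching permit node, or None (implicit deny)."""
    net = ipaddress.ip_network(route)
    for _node, plist, med in sorted(nodes):  # nodes are evaluated in ascending order
        if net in PREFIX_LISTS.get(plist, []):
            return med
    return None  # no node matched: the route is filtered and never advertised


def best_exit(route, policies=POLICIES):
    """Return (preferred neighbour, offers): lowest MED among routers that advertise the route."""
    offers = {}
    for router, nodes in policies.items():
        med = apply_policy(nodes, route)
        if med is not None:
            offers[router] = med
    if not offers:
        return None, offers
    return min(offers, key=offers.get), offers


if __name__ == "__main__":
    for prefix in ("172.16.10.1/32", "172.16.20.1/32"):
        print(prefix, best_exit(prefix))
```

A prefix that no node matches is dropped by the policy's implicit deny, so a node that references the wrong prefix list removes the route from R1's table instead of merely changing its preference.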
10. Configure authentication on the routers
Configure VTY and console authentication on the routers and enable Telnet.
"=============R1============="
[R1]user-interface console 0
[R1-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):huawei
[R1]user-interface vty 0 4
[R1-ui-vty0-4]set authentication password cipher huawei
[R1-ui-vty0-4]user privilege level 3
[R1]aaa
[R1-aaa]local-user admin password cipher huawei
[R1-aaa]local-user admin service-type http
"=============R2============="
[R2]user-interface console 0
[R2-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):huawei
[R2]user-interface vty 0 4
[R2-ui-vty0-4]set authentication password cipher huawei
[R2-ui-vty0-4]user privilege level 3
[R2]aaa
[R2-aaa]local-user admin password cipher huawei
[R2-aaa]local-user admin service-type http
"=============R3============="
[R3]user-interface console 0
[R3-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):huawei
[R3]user-interface vty 0 4
[R3-ui-vty0-4]set authentication password cipher huawei
[R3-ui-vty0-4]user privilege level 3
[R3]aaa
[R3-aaa]local-user admin password cipher huawei
[R3-aaa]local-user admin service-type http
"=============R4============="
[R4]user-interface console 0
[R4-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):huawei
[R4]user-interface vty 0 4
[R4-ui-vty0-4]set authentication password cipher huawei
[R4-ui-vty0-4]user privilege level 3
[R4]aaa
[R4-aaa]local-user admin password cipher huawei
[R4-aaa]local-user admin service-type http
"=============R5============="
[R5]user-interface console 0
[R5-ui-console0]authentication-mode password
Please configure the login password (maximum length 16):huawei
[R5]user-interface vty 0 4
[R5-ui-vty0-4]set authentication password cipher huawei
[R5-ui-vty0-4]user privilege level 3
[R5]aaa
[R5-aaa]local-user admin password cipher huawei
[R5-aaa]local-user admin service-type http
11. Configure authentication on the switches
"=============SW1============="
[SW1]aaa
[SW1-aaa]local-user admin password simple huawei
[SW1-aaa]local-user admin service-type http
[SW1]user-interface console 0
[SW1-ui-console0]set authentication password cipher huawei
[SW1-ui-console0]user privilege level 15
[SW1]user-interface vty 0 4
[SW1-ui-vty0-4]set authentication password cipher huawei
[SW1-ui-vty0-4]user privilege level 3
"=============SW2============="
[SW2]aaa
[SW2-aaa]local-user admin password simple huawei
[SW2-aaa]local-user admin service-type http
[SW2]user-interface console 0
[SW2-ui-console0]set authentication password cipher huawei
[SW2-ui-console0]user privilege level 15
[SW2]user-interface vty 0 4
[SW2-ui-vty0-4]set authentication password cipher huawei
[SW2-ui-vty0-4]user privilege level 3
"=============SW3============="
[SW3]aaa
[SW3-aaa]local-user admin password simple huawei
[SW3-aaa]local-user admin service-type http
[SW3]user-interface console 0
[SW3-ui-console0]set authentication password cipher huawei
[SW3-ui-console0]user privilege level 15
[SW3]user-interface vty 0 4
[SW3-ui-vty0-4]set authentication password cipher huawei
[SW3-ui-vty0-4]user privilege level 3
"=============SW4============="
[SW4]aaa
[SW4-aaa]local-user admin password simple huawei
[SW4-aaa]local-user admin service-type http
[SW4]user-interface console 0
[SW4-ui-console0]set authentication password cipher huawei
[SW4-ui-console0]user privilege level 15
[SW4]user-interface vty 0 4
[SW4-ui-vty0-4]set authentication password cipher huawei
[SW4-ui-vty0-4]user privilege level 3
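
The OSPF and login settings in sections 6, 10 and 11 can be reviewed mechanically. The following added example (not part of the original lab) audits a command transcript in this lab's prompt format for cleartext OSPF authentication, secrets kept in plain text, high-privilege VTY lines and one secret reused across devices. The sample lines and rule names are constructed, and it assumes device names contain no hyphen.

```python
import re

# Constructed sample: lines in the style of this lab's VRP command transcript.
SAMPLE = """\
[R1-ospf-1-area-0.0.0.0]authentication-mode simple plain huawei
[R1-ui-vty0-4]set authentication password cipher huawei
[R1-ui-vty0-4]user privilege level 3
[SW1-aaa]local-user admin password simple huawei
[SW1-aaa]local-user admin service-type http
[SW1-ui-console0]user privilege level 15
[SW2-aaa]local-user admin password simple huawei
"""

# "[device-view]command": the view part is absent in system view, e.g. "[R1]aaa".
LINE = re.compile(r"^\[(?P<dev>[A-Za-z0-9]+)(?:-(?P<view>[^\]]+))?\](?P<cmd>.+)$")

RULES = [  # (rule id, regex on the view, regex on the command)
    # OSPF simple authentication carries the key unencrypted in every packet.
    ("ospf-cleartext-auth", r"ospf-", r"^authentication-mode simple\b"),
    # "simple"/"plain" keep the secret readable in the saved configuration.
    ("secret-plain-in-config", r"", r"\bpassword simple\b|\bsimple plain\b"),
    # Remote (VTY) logins that land directly at management level.
    ("vty-high-privilege", r"^ui-vty", r"^user privilege level ([3-9]|1[0-5])$"),
]
SECRET = re.compile(r"(?:cipher|simple|plain)\s+(\S+)$")  # trailing secret token


def audit(text):
    """Return (device, rule id) findings; secrets themselves are never echoed."""
    findings, secrets = [], {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # headings, password prompts, blank lines
        dev, view, cmd = m["dev"], m["view"] or "", m["cmd"].strip()
        for rule, view_re, cmd_re in RULES:
            if re.search(view_re, view) and re.search(cmd_re, cmd):
                findings.append((dev, rule))
        s = SECRET.search(cmd)
        if s:
            secrets.setdefault(s.group(1), set()).add(dev)
    for devs in secrets.values():
        if len(devs) > 1:  # same secret typed on more than one device
            findings.append(("+".join(sorted(devs)), "secret-reused-across-devices"))
    return findings


if __name__ == "__main__":
    for device, rule in audit(SAMPLE):
        print(f"{device}: {rule}")
```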