拓扑图
交换机1:
<H3C>system-view -----进入系统配置模式
[H3C]vlan 10 -----创建vlan10
[H3C]interface vlan 10 -----进入管理vlan 10
[H3C-Vlan-interface10]ip add 192.168.10.1 24 -----配置管理ip地址
[H3C]interface GigabitEthernet 1/0/1-----进入端口模式
[H3C-GigabitEthernet1/0/1]port link-type trunk----端口类型修改为trunk
[H3C-GigabitEthernet1/0/1]port trunk permit vlan 10-----trunk端口允许vlan 10 通过
[H3C]telnet server enable -----开启telnet服务
[H3C]user-interfacc vty 0 4 ------进入vty控制台
[H3C-line-vty0-4]authentication-mode scheme-----使用认证模式为scheme
[H3C-line-vty0-4]user-role level-15 -----设置用户优先级
[H3C]local-user admin class manage -----创建新用户admin
[H3C-luser-manage-li]password simple 123.com -----创建类型为密文的密码 –123.com
[H3C-luser-manage-li]authorization-attribute user-role level-15 -----创建用户等级为15
[H3C-luser-manage-li]authorization-attribute user-role network-admin -----权限为admin
[H3C-luser-manage-li]service-type telnet -----服务方式为telnet
交换机2:
<H3C>system-view -----进入系统配置模式
[H3C]vlan 10 -----创建vlan10
[H3C]interface vlan 10 -----进入管理vlan 10
[H3C-Vlan-interface10]ip add 192.168.10.2 24 -----配置管理ip地址
[H3C]interface GigabitEthernet 1/0/1-----进入端口模式
[H3C-GigabitEthernet1/0/1]port link-type trunk----端口类型修改为trunk
[H3C-GigabitEthernet1/0/1]port trunk permit vlan 10-----trunk端口允许vlan 10 通过
[H3C]telnet server enable -----开启telnet服务
[H3C]user-interfacc vty 0 4 ------进入vty控制台
[H3C-line-vty0-4]authentication-mode scheme-----使用认证模式为scheme
[H3C-line-vty0-4]user-role level-15 -----设置用户优先级
[H3C]local-user admin class manage -----创建新用户admin
[H3C-luser-manage-li]password simple 123.com -----创建类型为密文的密码 –123.com
[H3C-luser-manage-li]authorization-attribute user-role level-15 -----创建用户等级为15
[H3C-luser-manage-li]authorization-attribute user-role network-admin -----权限为admin
[H3C-luser-manage-li]service-type telnet -----服务方式为telnet
测试:
方式2为不带用户名的Telnet
配置跟scheme模式配置相同,只需要把远程认证方式更改一下,命令如下
[H3C-line-vty0-4]authentication-mode password //改为密码认证
[H3C-line-vty0-4]set authentication password 123.com //设置密码
[H3C-line-vty0-4]user-role level-15 //配置权限等级