1. Huawei switch web login configuration
Web network management is a management method for switches. It uses the built-in Web server of the switch to provide users with a graphical operation interface. Users can log in to the web network management through HTTPS from the terminal to manage and maintain the switch, which is also very convenient.
1. Configuration ideas: 1. Configure the management IP address to facilitate the subsequent login to the switch through the web network management system. 2. Load the web page file. 3. Configure a web user and enter the web network management login interface.
2. Configuration steps:
1. Configure the management IP address
<HUAWEI> system-view [HUAWEI] sysname HTTPS_Server [HTTPS_Server] vlan 10 [HTTPS_Server-vlan10] quit [HTTPS_Server] interface vlanif 10 //Configure VLANIF10 as the management interface.
[HTTPS_Server-Vlanif10] ip address 192.168.0.1 24 //Please configure the IP address and route deployment according to the network planning to ensure that the route between the user terminal and the switch is reachable.
[HTTPS_Server-Vlanif10] quit
[HTTPS_Server] interface gigabitethernet 1/0/10 //GE1/0/10 is the number of the physical interface connected to the Switch from the PC that logs in to the Switch through the web system. Please select it according to the actual live network conditions.
[HTTPS_Server-GigabitEthernet1/0/10] port link-type access //Configure the interface type as access.
[HTTPS_Server-GigabitEthernet1/0/10] port default vlan 10 //Configure the interface to join VLAN 10.
[HTTPS_Server-GigabitEthernet1/0/10] quit
2. Load web files
Run the dir command in the user view to view the name of the web page file on the switch.
<HUAWEI> system-view [HUAWEI] sysname HTTPS_Server
[HTTPS_Server] http server load web.7z //Load the web page file. The web page file named web.7z here is just an example.
3. Enable HTTPS service
[HTTPS_Server] http secure-server enable //HTTPS service is enabled by default, and users do not need to configure it by default. If the HTTPS service is manually disabled, this command needs to be enabled.
4. Configure web users and enter the web network management interface
# Configure web users.
[HTTPS_Server] aaa [HTTPS_Server-aaa] local-user admin password cipher Helloworld@6789
//Create a local user named admin, and set its login password to Helloworld@6789.
[HTTPS_Server-aaa] local-user admin privilege level 15 //Set the user level to 15.
[HTTPS_Server-aaa] local-user admin service-type http //Configure the access type as http, namely: Web user. [HTTPS_Server-aaa] quit
5. Enter the web network management login interface.
Open a browser on the PC, enter https://192.168.0.1 in the address bar, and press Enter to enter the web system login interface.
https://mmbiz.qpic.cn/mmbiz_png/p7nzJgwSeoztTsj6yxtcTVnoYSZQcGZPR2HicAicU3CvQ6YZ1ia4sibRxWSAicyEDhtyibPohrLh7F8Fzw04ooZQIHkQ/640?wx_fmt=png&wxfrom=5&wx_lazy=1&wx_co=1
This completes the web management login of the Huawei switch. Of course, if you want to check the configuration, you can use the command display http server to view it.
In addition to the web and ssh management methods, the Telnet management method is also used in small and medium-sized networks, let's take a look.
2. How to configure Telnet remote login on Huawei switches
In the project, it is also necessary to log in and manage the switch remotely , so you can configure the Telnet service function on the switch and use AAA authentication to log in. Let's take a Huawei switch as an example to configure the remote login of the switch.
Step 1: Log in to the switch from PC1 through the console port of the switch.
This has been done above.
Step 2: Configure the switch name and management IP address.
<Quidway>system-view
[Quidway] sysname S //Change the name of the switch to Server
[S] interface ethernet 0/0/0 //Enter port 0/0/0
[S-Ethernet0/0/0] ip address 10.10.10.10 255.255.255.0 //Configure the management ip address.
[S-Ethernet0/0/0] quit //return
Step 3: Configure the Telnet user level and authentication method.
[S] telnet server enable //Enable the Telnet function.
[S] user-interface vty 0 4 //Enter the user interface view of VTY 0 to VTY 4, and support online operations of 0 to 4, 5 users at the same time.
[S-ui-vty0-4] user privilege level 15 //Set the user privilege level of VTY 0 to VTY 4 to 15.
[Sr-ui-vty0-4] authentication-mode aaa //Configure the user authentication mode of VTY 0 to VTY 4 to AAA authentication.
Notice:
This AAA certification is explained here. There are three authentication methods:
AAA (enter the correct user name and password at the same time to log in);
one (no authentication required)
password (enter the correct password to log in) authentication,
You can choose according to your needs, so we choose AAA.
[S-ui-vty0-4] quit //return
[S] aaa //Enter AAA authentication
[S-aaa] local-user admin123 password irreversible-cipher helloworld@6789 //Create a local user named admin123 and set its login password to helloworld@6789.
Here, irreversible-cipher weak electricity needs to be explained, which means that the user password is encrypted with an irreversible algorithm, so that illegal users cannot obtain the plaintext password through special processing of the decryption algorithm, providing better security for users.
[S-aaa] local-user admin1234 privilege level 15 //Set the user level to 15.
[S-aaa] local-user admin1234 service-type telnet //Configure the access type as telnet, namely: Telnet user.
[S-aaa] quit
Step 4: Log in to the switch through Telnet from PC2.
Take entering the Windows running window, executing related commands, and logging in to the switch through Telnet as an example:
After clicking OK, enter the user name and password in the login window. After the authentication passes, the command line prompt in user view appears. Indicates that the login is successful.