Huawei Hcie Theory and practical Notes "3-telnet management"

Source: Internet
Author: User



Noun Explanation:



the console port console is the control console. In the early days of the computer, people interacted with the computer through a number of buttons and a large number of lights, which was the early "parallel communication" for short. This approach takes up a large number of chip ports and the transmission between devices is very slow, so a fast way of communication "serial communication" for short, "Serial port" appeared. The early people use the keyboard and the monitor through the serial port way to interact with the computer, this kind of way develops now becomes one kind of equipment common communication mechanism, namely "the console". The console is used to manage the underlying functionality of the device and is one of its security mechanisms because of the "drawbacks" that require direct close interaction with the device. The device generally retains a console port, users need to use a serial communication device (typically a PC or notebook) and the device directly connected, open a serial communication software (typically SECURECRT or HyperTerminal), based on the device's serial configuration to establish a connection, and then use the console password to log on to the device.



"Network Port" network is to connect the device to the user's network for access, commonly used network port access including Telnet, SSH, the web and so on.



"Telnet" telnet is a remote login, is a network access device is also a network protocol, the physical device and the user's PC access to the same network, the device as a server to open a Telnet server waiting for users to connect, The client can start a Telnet client through the CMD interface (or other software), which will connect to the server and exchange data according to the agreed-upon protocol, which enables the so-called Telnet login. clinet The user can remotely manage the device by sending a pre-set instruction to the device via Telnet.









The meaning of a telnet



With Telnet, you can easily manage all the devices on your network, making it possible to manage your devices remotely. Combined with the virtual terminal technology can also achieve different levels of user rights management, under the minimum permissions users can only view the configuration of the device, can not make any changes. Under the highest permissions, users can implement configuration modification, user management, file management and so on, and from the console port is no different. User Rights management can effectively avoid the low-level users on the device misoperation, but also to ensure that the administrator convenient use.






How to log in using Telnet



The Telnet login device takes the following three procedures:



1. Telnet function of the Enable device



Before the device's Telnet function starts, it needs to use the console port to log on to the device and enable the function


<ar>user-intvty 0 4//Configure virtual terminal 0-4 <ar-ui-vty0-4>dis this//view current configuration (not required) <AR-UI-VTY0-4&G T;protocolinbound All//enable Telnet with SSH protocol


2. Set access mode and Rights Management



devices support two access modes, one is single password mode, the other is user plus password mode.



1) Single password mode


<ar-ui-vty0-4>authentication-mode Password//set access mode to single password <ar-ui-vty0-4>setauthentication password CIP Her//Change password


i devices can set different privileged passwords for hierarchical access in single-password mode (default to Level 0).


<ar>superpassword Level 3 Cipher * * * Set a privileged password of 3


After the user logs on to the device using the normal password set earlier, you can use the Super command to get higher access rights.


Using Telnet to log on to the device first gets the default level of 0 permissions <ar>super//input Level 3 privileged password to get level 3 permissions


After the user has set a different level of privileged password, you can also enter the password when Telnet is logged on to the device, so that you can gain access to that level directly without having to enter super for privileged access.



2) User plus password mode (AAA)


<ar-ui-vty0-4>authentication-mode AAA//Modify the authentication mode to AAA, that is, user name plus password mode


The AAA mode has the default User admin, the user can also create a new user, the newly created user access level is 0, users can specify different access levels for different users


<AR>AAA//Enter AAA View <ar-aaa>local-user Test Password cipher test//create user name and password are test users <ar- Aaa>local-user test service-type telnet ssh//Specifies that the user can log on to the device via telnet or SSH <ar-aaa>local-user test privilege Level 3//Specify a test user's access level of 3 <ar-aaa>undolocal-user test privilege levels//Cancel test user access (back to 0)


3) Default permission settings



Users can also set the default permissions for virtual end users


<ar-ui-vty0-4>user Privilege Level 3//Set Vty user default to 3


3. Connecting devices using Telnet client



Users can log on to the device using software such as CMD or securecrt of the PC.






Three login levels





level name
0 0 Visitor level Network diagnostic tool (ping, tracert) ; Jump other Device (telnet)
1 0, 1 monitoring level device configuration and status query (display etc)
2 0, 1, 2 business configuration (such as routing configuration, etc.)
3-15 0,, 2, 3 management


The management level corresponds to 13 user levels for granular management of management-level users.




Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.