华为ensp模拟器7.1-网络设备的维护

一、配置stelnet

1.PC2的基本配置，用路由器模拟

<Huawei>sys

Enter system view, return user view with Ctrl+Z.

[Huawei]un in e

Info: Information center is disabled.

[Huawei]sys PC2

[Huawei]int g 0/0/0

[Huawei-GigabitEthernet0/0/0]ip add 192.168.1.1 24

[Huawei-GigabitEthernet0/0/0]q

[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.1.254

[Huawei]q

2.S1的配置

<Huawei>sys

进入系统视图，键入Ctrl+Z退回到用户视图。

[Huawei]un in e

提示：信息中心被关闭。

[Huawei]sys S1

[S1]vlan 10

[S1-vlan10]des

[S1-vlan10]description manager

[S1-vlan10]q

[S1]q

<S1>sa

将把当前的配置保存到存储设备中。

是否继续？[Y/N]y

提示：请输入文件名（*.cfg，*.zip）[vrpcfg.zip]：

flash:/vrpcfg.zip文件已经存在，是否覆盖？[Y/N]:y

正在将运行时的配置写入到存储设备0。

保存配置成功。

3.R1的配置

<Huawei>sys

Enter system view, return user view with Ctrl+Z.

[Huawei]sys R1

[R1]int g 0/0/1

[R1-GigabitEthernet0/0/1]ip add 192.168.1.254 24

[R1-GigabitEthernet0/0/1]return 

4.开启SSH服务

[R1]stelnet server en

Info: Succeeded in starting the STELNET server.

5.查看SSH服务状态

[R1]dis ssh server status 

 SSH version             :1.99  

 SSH connection timeout       :60 seconds

 SSH server key generating interval :0 hours

 SSH Authentication retries     :3 times

 SFTP Server             :Disable

 Stelnet server           :Enable

[R1]

6.在R1 配置SSH服务器

<1>配置生成RSA密钥

[R1]rsa local-key-pair create 

The key name will be: Host

% RSA keys defined for Host already exist.

Confirm to replace them? (y/n)[n]:y

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

    It will take a few minutes.

Input the bits in the modulus[default = 512]:

Generating keys...

...............++++++++++++

..++++++++++++

...............++++++++

........................++++++++

[R1]

<2>配置SSH登录界面

认证方式aaa，用户名admin，密码huawei

[R1]user-interface vty 0 4

[R1-ui-vty0-4]authentication-mode aaa

[R1-ui-vty0-4]protocol inbound ssh 

[R1-ui-vty0-4]idle-timeout 15

[R1-ui-vty0-4]q

[R1]aaa

[R1-aaa]local-user admin password cipher huawei privilege level 3

[R1-aaa]local-user admin service-type ssh

[R1]ssh user admin authentication-type password

 Authentication type setted, and will be in effect next time

[R1]q

<R1>sa

 The current configuration will be written to the device. 

 Are you sure to continue? (y/n)[n]:y

 It will take several minutes to save configuration file, please wait........

 Configuration file had been saved successfully

 Note: The configuration file will take effect after being activated

<R1>

7.在PC2 开启SSH用户端首次认证

<Huawei>sys

[PC2]ssh client first-time enable 

8.在PC2使用　Stelnet 192.168.1.254命令进行aaa测试

[PC2]stelnet 192.168.1.254

Please input the username:admin  输入admin 用户名

Trying 192.168.1.254 ...

Press CTRL+K to abort

Connected to 192.168.1.254 ...

The server is not authenticated. Continue to access it? (y/n)[n]:y  接受密钥 按y

Save the server's public key? (y/n)[n]:y   保存密钥 按y

The server's public key will be saved with the name 192.168.1.254. Please wait..

.

Enter password:  输入密码huawei 看不见

<R1>

9.查看SSH服务器 当前会话

在PC2 查看

[R1]dis ssh server session 

 --------------------------------------------------------------------

 Conn  Ver  Encry   State Auth-type    Username

 --------------------------------------------------------------------

 VTY 0 2.0  AES    run  password     admin   

在R1 查看

<R1>dis ssh server session

 --------------------------------------------------------------------

 Conn  Ver  Encry   State Auth-type    Username

 --------------------------------------------------------------------

 VTY 0 2.0  AES    run  password     admin    

二、配置通过FTP 备份配置文件

1.配置FTP服务器

地址：192.168.1.100

网关：192.168.1.254

2.配置FTP Server

在电脑设置一个根目录 ，再点击 启动

3.在R1 实现配置文件备份

<R1>save r1-backup.cfg  保存R1配置文件为 r1-backup.cfg

 Are you sure to save the configuration to r1-backup.cfg? (y/n)[n]:y

<R1>dir   查看文件目录

  7 -rw-      983 Oct 03 2023 15:29:46  r1-backup.cfg  备份文件

4.在R1 连接FTP

<R1>ftp 192.168.1.100

Trying 192.168.1.100 ...

Press CTRL+K to abort

Connected to 192.168.1.100.

220 FtpServerTry FtpD for free 

User(192.168.1.100:(none)): 回车

331 Password required for .

Enter password:  回车

230 User logged in , proceed

[R1-ftp]

5.把R1的配置上传到FTP

[R1-ftp]put r1-backup.cfg

200 Port command okay.

150 Opening BINARY data connection for r1-backup.cfg

 100%   

226 Transfer finished successfully. Data connection closed.

FTP: 983 byte(s) sent in 0.170 second(s) 5.78Kbyte(s)/sec.

6.在FTP服务器可以看到备份文件

7.在R1 实现文件配置还原

 <1>删除路由器R1本地配置文件 r1-backup.cfg

<R1>delete r1-backup.cfg

Delete flash:/r1-backup.cfg? (y/n)[n]:y

Info: Deleting file flash:/r1-backup.cfg...succeed. 

<R1>dir     没有 r1-backup.cfg 文件

Directory of flash:/

 Idx Attr   Size(Byte) Date    Time(LMT) FileName 

  0 drw-       - Oct 03 2023 14:58:10  dhcp

  1 -rw-    121,802 May 26 2014 09:20:58  portalpage.zip

  2 -rw-      540 Oct 03 2023 15:10:19  rsa_server_key.efs

  3 -rw-      396 Oct 03 2023 15:10:15  rsa_host_key.efs

  4 -rw-     2,263 Oct 03 2023 14:58:00  statemach.efs

  5 -rw-    828,482 May 26 2014 09:20:58  sslvpn.zip

  6 -rw-      249 Oct 03 2023 15:15:00  private-data.txt

  7 -rw-      614 Oct 03 2023 15:14:59  vrpcfg.zip

1,090,732 KB total (784,440 KB free)

  

  0 drw-       - Oct 03 2023 14:58:10  dhcp

  1 -rw-    121,802 May 26 2014 09:20:58  portalpage.zip

  2 -rw-      540 Oct 03 2023 15:10:19  rsa_server_key.efs

  3 -rw-      396 Oct 03 2023 15:10:15  rsa_host_key.efs

  4 -rw-     2,263 Oct 03 2023 14:58:00  statemach.efs

  5 -rw-    828,482 May 26 2014 09:20:58  sslvpn.zip

  6 -rw-      249 Oct 03 2023 15:15:00  private-data.txt

  7 -rw-      614 Oct 03 2023 15:14:59  vrpcfg.zip

<2>把FTP的配置文件还原到R1

[R1-ftp]get r1-backup.cfg

200 Port command okay.

150 Sending r1-backup.cfg (983 bytes). Mode STREAM Type BINARY

226 Transfer finished successfully. Data connection closed.

FTP: 983 byte(s) received in 0.140 second(s) 7.02Kbyte(s)/sec.

查看FTP获取的配置文件

<R1>dir

  7 -rw-      983 Oct 03 2023 15:40:30  r1-backup.cfg

8.设置R1 引导启动 r1-backup.cfg配置文件，并且新增配置保存

<R1>startup saved-configuration r1-backup.cfg 设置引导启动

查看配置文件

<R1>dis cu

[V200R003C00]

#

 sysname R1

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent 

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

 drop illegal-mac alarm

#

 set cpu-usage threshold 80 restore 75

#

aaa 

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default 

 domain default_admin 

 local-user admin password cipher %$%$02SrP7aUdP5~"2#g~$n6^8SU%$%$

 local-user admin privilege level 3

 local-user admin service-type ssh

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

#

interface GigabitEthernet0/0/1

 ip address 192.168.1.254 255.255.255.0 

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

 stelnet server enable 

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

 authentication-mode aaa

 idle-timeout 15 0

 protocol inbound ssh

user-interface vty 16 20

#

wlan ac

#

return

9.新增配置 LoopBack 1

<R1>sys

Enter system view, return user view with Ctrl+Z.

[R1]

[R1]int lo

[R1]int LoopBack 1

[R1-LoopBack1]ip add 10.10.10.1 24

[R1-LoopBack1]q

[R1]q

<R1>sa

 The current configuration will be written to the device. 

 Are you sure to continue? (y/n)[n]:y

 It will take several minutes to save configuration file, please wait.......

 Configuration file had been saved successfully

 Note: The configuration file will take effect after being activated

<R1>

10.重启R1 使用dis cu查看配置信息

loopback文件没有显示

 <R1>reboot

war ing ：·······输入n 

system ····· 输入y

<R1>reboot

Info: The system is comparing the configuration, please wait.

Warning: All the configuration will be saved to the next startup configuration. 

Continue ? [y/n]:n  

System will reboot! Continue ? [y/n]:y

Info: system is rebooting ,please wait...