4.2. 基礎操作

4.2. 基礎操作
上一頁	第 4 章 H3C ICG（Information Communication Gateway）	下一頁

4.2.1. 登陸

			
[root@localhost ~]# telnet 192.168.4.4
Trying 192.168.4.4...
Connected to 192.168.4.4.
Escape character is '^]'.

******************************************************************************
* Copyright (c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved.  *
* Without the owner's prior written consent,                                 *
* no decompiling or reverse-engineering shall be allowed.                    *
******************************************************************************


Login authentication


Username:neo
Password:
<Netkiller>

4.2.2. 創建用戶

創建用戶neo密碼chen，並允許telnet登陸

			
local-user neo
 password simple chen
 authorization-attribute level 3
 service-type ssh telnet terminal
 service-type ftp

4.2.3. 開啟SSH服務

[Netkiller]ssh server enable
Info: Enable SSH server.

測試登陸

			
[devops@master ~]$ ssh neo@192.168.4.4
neo@192.168.4.4's password:

******************************************************************************
* Copyright (c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved.  *
* Without the owner's prior written consent,                                 *
* no decompiling or reverse-engineering shall be allowed.                    *
******************************************************************************

<Netkiller>

4.2.4. 開啟FTP服務

[Netkiller]ftp server enable

4.2.5. 保存配置

[Netkiller]save
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
flash:/startup.cfg exists, overwrite? [Y/N]:y
 Validating file. Please wait........................
 Configuration is saved to device successfully.
[Netkiller]

使用curl命令連結ftp列出目錄

[root@localhost ~]# curl -l ftp://neo:password@192.168.4.4
main.bin
2003_ca.cer
2003_server.pfx
navigator_ca.cer
navigator_local.cer
config.cwmp
system.xml
startup.cfg

使用curl查看配置檔案

[root@localhost ~]# curl ftp://neo:chen@192.168.4.4/startup.cfg

#
 version 5.20, ESS 1710
#
 sysname Netkiller
#
 tcp syn-cookie enable
 tcp anti-naptha enable
 tcp state closing connection-number 500
 tcp state established connection-number 500
 tcp state fin-wait-1 connection-number 500
 tcp state fin-wait-2 connection-number 500
 tcp state last-ack connection-number 500
 tcp state syn-received connection-number 500
#
 ipsec cpu-backup enable
#
 domain default enable system
#
 dns resolve
 dns proxy enable
 dns server 202.96.134.133
#
 telnet server enable
#
 port-security enable
#
 mac-authentication domain system
#
vlan 1
#
domain system
 authentication lan-access local
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
pki domain navigator
  crl check disable
#
ike proposal 1
 encryption-algorithm 3des-cbc
 dh group5
#
ike peer navigator
 pre-shared-key cipher uqWUC2uW1wbDFIn0NObiHg==
#
ipsec proposal navigator
 encapsulation-mode transport
 esp authentication-algorithm sha1
 esp encryption-algorithm 3des
#
ipsec proposal navigator1
 esp authentication-algorithm sha1
 esp encryption-algorithm 3des
#
ipsec policy-template gateway 1
 ike-peer navigator
 proposal navigator navigator1
#
ipsec policy navigator 1 isakmp template gateway
#
dhcp server ip-pool vlan1 extended
 network ip range 172.16.1.30 192.168.1.200
 network mask 255.255.255.0
 gateway-list 172.16.1.254
 dns-list 114.114.114.114 114.114.115.115
 domain-name netkiller.github.io
#
user-group system
#
local-user neo
 password simple chen
 authorization-attribute level 3
 service-type ssh telnet terminal
 service-type ftp
#
wlan rrm
 dot11b mandatory-rate 1 2
 dot11b supported-rate 5.5 11
 dot11g mandatory-rate 1 2 5.5 11
 dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 crypto
 ssid http://netkiller.github.io
 cipher-suite tkip
 security-ie rsn
 service-template enable
#
wlan service-template 2 crypto
 ssid http://netkiller.sf.net
 cipher-suite ccmp
 security-ie rsn
 service-template enable
#
ssl server-policy chinanet
 pki-domain navigator
#
cwmp
 cwmp acs username netkiller password netkiller
 cwmp cpe inform interval enable
 cwmp cpe inform interval 43200
 cwmp cpe username neo password neo
#
interface Aux0
 async mode flow
 link-protocol ppp
#
interface Ethernet0/0
 port link-mode route
 nat outbound
 ip address 192.168.4.4 255.255.255.0
#
interface NULL0
#
interface Vlan-interface1
 ip address 172.16.1.254 255.255.255.0
 dhcp server apply ip-pool vlan1
#
interface Ethernet0/1
 port link-mode bridge
#
interface Ethernet0/2
 port link-mode bridge
#
interface Ethernet0/3
 port link-mode bridge
#
interface Ethernet0/4
 port link-mode bridge
#
interface WLAN-BSS0
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase 13113668890
#
interface WLAN-BSS1
#
interface WLAN-Radio2/0
 service-template 1 interface wlan-bss 0
#
policy-based-route Ethernet0/0 permit node 0
   if-match acl 2000
   apply output-interface Ethernet0/0
#
 ip route-static 0.0.0.0 0.0.0.0 Ethernet0/0 192.168.4.254
#
 dhcp enable
#
 ip https ssl-server-policy chinanet
 ip https enable
#
 nms primary monitor-interface Ethernet0/0
#
 load xml-configuration
#
user-interface aux 0
user-interface vty 0 4
 authentication-mode scheme
#

保存配置檔案到startup.cfg檔案

# curl ftp://neo:chen@192.168.4.4/startup.cfg > startup.cfg
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3450    0  3450    0     0   2852      0 --:--:--  0:00:01 --:--:--  2853

上一頁	上一級	下一頁
第 4 章 H3C ICG（Information Communication Gateway）	起始頁	4.3. Ethernet0/0 - Wan口配置