Page 1 Quidway NetEngine20/20E Series Routers V200R005 Configuration Guide - Basic Configurations Issue Date 2010-01-30 Part Number 31501234 Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 2 Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any assistance, please contact our local office or company headquarters. Huawei Technologies Co., Ltd. Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://www.huawei.com...
Page 3 2.2 Establishing the Local Configuration Environment Through the Console Port ..........2-3 2.2.1 Establishing the Configuration Task....................2-3 2.2.2 Establishing the Physical Connection ....................2-4 2.2.3 Configuring Terminals........................2-4 2.2.4 Logging In to the Router ........................2-4 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 4 3.11 Configuration Examples ..........................3-14 3.11.1 Example for Using Shortcut Keys ....................3-14 4 Basic Configuration ........................4-1 4.1 Introduction ..............................4-2 4.1.1 Extension of Command Levels ......................4-2 4.1.2 Extension of User Levels ........................4-2 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 5: Table Of Contents
5.4.1 Establishing the Configuration Task....................5-15 5.4.2 Creating the Local User Account ....................5-16 5.4.3 Configuring the Service Type of the Local User ................5-16 5.4.4 Configuring FTP Directory Authority of the Local User..............5-17 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 6 7.2 Displaying the Configuration of the Router ....................7-2 7.2.1 Viewing the Intial Configuration.......................7-2 7.2.2 Viewing the Current Configuration ....................7-3 7.2.3 Viewing the Running Configuration in the Current View ..............7-3 7.3 Saving the Current Configuration........................7-3 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 7 8.6.2 Configuring the Basic ACL......................8-14 8.6.3 Configuring the Basic TFTP ACL....................8-14 8.7 Configuring XModem ..........................8-15 8.7.1 Establishing the Configuration Task....................8-15 8.7.2 Getting a File Through XModem ....................8-15 8.8 Configuration Examples..........................8-16 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 8 9.5.2 Enabling the First-Time Authentication on the SSH Client.............9-18 9.5.3 Configuring the SSH Client to Assign the RSA Public Key to the SSH Server ......9-19 9.5.4 Enabling the STelnet Client......................9-19 9.5.5 Checking the Configuration ......................9-20 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 9 10.5 Configuring the Electronic Label ......................10-9 10.5.1 Establishing the Configuration Task....................10-9 10.5.2 Querying the Electronic Label.......................10-9 10.5.3 Backing Up the Electronic Label ....................10-9 11 System Software Upgrade ....................11-1 11.1 Introduction ............................. 11-2 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 10 12.6 Unloading the RPU Patch........................12-7 12.6.1 Establishing the Configuration Task....................12-7 12.6.2 Deleting the RPU Patch.........................12-8 A Glossary ............................ A-1 B Acronyms and Abbreviations ....................B-1 Index ..............................i-1 Huawei Proprietary and Confidential viii Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 11 Figure 9-8 Networking diagram of accessing the SSH server through other port numbers......9-38 Figure 9-9 Networking diagram of authenticating the SSH through RADIUS ..........9-43 Figure 12-1 Conversion between the statuses of a patch ................12-2 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 12 Table 3-4 Editing functions..........................3-9 Table 3-5 Displaying functions ........................3-10 Table 3-6 Metacharacter description....................... 3-11 Table 3-7 System-defined shortcut keys ......................3-12 Table 5-1 Example for the absolute numbering ....................5-3 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 13 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Contents Contents About This Document........................1 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 14: About This Document
NE20/20E. 2 Establishment of the This chapter describes the procedures to set up the Configuration Environment configuration environments through CON, Telnet, and AUX. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 15: A Glossary
The symbols that may be found in this document are defined as follows. Symbol Description Indicates a hazard with a high level of risk, which if not avoided, will result in death or serious injury. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 16: General Conventions
{ x | y | ... } * Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 17: Keyboard Operations
Description Click Select and release the primary mouse button without moving the pointer. Double-click Press the primary mouse button twice continuously and quickly without moving the pointer. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 18: Update History
For second commercial release. Modified the naming method of the manual version. Updates in Issue 01(2007-03-18) The commercial release has the following updates: Initial field trial release. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 19 1.3.6 Link Layer Protocols..........................1-12 1.3.7 IP Services............................1-13 1.3.8 Unicast Routing Protocols .........................1-13 1.3.9 Multicast Routing Protocols.......................1-14 1.3.10 MPLS Features..........................1-14 1.3.11 VPN Services ...........................1-15 1.3.12 QoS ..............................1-15 1.3.13 Security Features..........................1-17 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 20 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Figures Figures Figure 1-1 architecture ............................1-3 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 21 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Tables Tables Table 1-1 System service features ........................1-4 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 22: Product Overview
This section describes the characteristics of the NE20/20E. 1.2 Functional Features This section describes the functional features of the NE20/20E. 1.3 Functions This section describes the main functions of the NE20/20E. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 23: Introduction
1.1.2 Architecture Based on the TCP/IP structure model, the NE20/20E supports multiple data link layer protocols, network layer protocols and application layer protocols, as shown in Figure 1-1. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 24: Figure 1-1 Architecture
Huawei Technologies Co., Ltd. (hereinafter referred to as Huawei). VRP takes the IP service as its core service, and has a modular architecture. It can provide rich functional features and scalability based on applications.
Page 25: Table 1-1 System Service Features
IPv6 static route, BGP4/BGP4+, RIPng, OSPFv3, and ISISv6 dynamic routing protocol IPv6 MIB: ICMPv6 MIB, UDP6 MIB, TCP6 MIB, and IPv6 MIB IP Multicast IGMP protocols PIM-DM, PIM-SM PIM-SSM MBGP MSDP Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 26 AAA service CHAP authentication PAP authentication RADIUS HWTACACS Local user management IPSec IKE and IPSec through hardware, including IKE encryption negotiation, IPSec packet process and SA management Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 27 One public network to multiple private networks, and one private network to multiple public networks Traffic limit and rate limit to specific users Traffic limit to BT NAT statistics NAT log Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 28 Providing information of link state for the application layer by BFD Automatic switchover for protection Other backup center features VRRP NextHop Backup Maintainability Automatic fault diagnosis function remote configuration and maintenance through AUX Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 29 MPLS MPLS QoS Mapping between DSCP and EXP at the domain boundary L2 QoS 802.1p mark and DSCP/IP Precedence mark HQoS Hierarchical QoS Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 30: Functions
SNMP Agent and cache buffer Network SNMP V1/V2c/VC3 management RMON and RMON2 1.3 Functions This section covers the following contents: Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 31: File System
The SNMP Agent of the NE20/20E supports public MIBs prescribed by a series of RFCs and those defined by Huawei so as to implement real-time monitoring over a great amount of network devices. It has been widely applied and accepted by more and more customers.
Page 32: Terminal Services
The Fast Reroute (FRR) can minimize data loss due to network faults. The switch time can achieve less than 50 ms The NE20/20E provides the following FR functions: IP fast reroute Issue 05 (2010-01-30) Huawei Proprietary and Confidential 1-11 Copyright © Huawei Technologies Co., Ltd.
Page 33: Interfaces
Carry out data forwarding between several VLANs on a single physical Ethernet interface, by creating several sub-interfaces (each of which acts as an independent Ethernet interface) for each Ethernet interface, which saves the interface resource effectively. 1-12 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 34: Ip Services
1.3.8 Unicast Routing Protocols In terms of routing protocols, the NE20/20E can: Support both static routing and dynamic routing protocols such as RIP, OSPF, IS-IS and BGP. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 1-13 Copyright © Huawei Technologies Co., Ltd.
Page 35: Multicast Routing Protocols
The MPLS functions of the NE20/20E are: Accelerate packet forwarding to a great extent. 1-14 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 36: Vpn Services
Service Level Agreements (SLA). To the traffic beyond the SLA, the router can pass or drop the flow. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 1-15 Copyright © Huawei Technologies Co., Ltd.
Page 37: Congestion Management
Confirmed Bandwidth Priority Queue (CBPQ) HQoS supports complete traffic statistics. You can view the bandwidth usage of all services and distribute bandwidth properly according to traffic analysis. 1-16 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 38: Security Features
IP address and port to the mix of external IP address and port. This enables the hosts of internal network to access the Internet resources flexibly without hazarding the "privacy" of the internal network. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 1-17 Copyright © Huawei Technologies Co., Ltd.
Page 39 2.5 Configuration Examples..........................2-7 2.5.1 Example for Login Through the Console Port ..................2-7 2.5.2 Example for Login Through Telnet....................2-10 2.5.3 Example for Login Through the AUX Port..................2-11 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 40 Figure 2-5 Establishing the configuration environment through WAN............2-10 Figure 2-6 Running the Telnet program on the PC................... 2-11 Figure 2-7 Establishing the remote configuration environment ............... 2-11 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 41: Establishment Of The Configuration Environment
AUX port. Through the AUX Port Example for Login Through the AUX. 2.5 Configuration Examples This section provides several examples of establishing configuration environments. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 42: Introduction
Telnet client Quidway interface. Enter the command to check the running status of the router or to configure the router. Enter "?" for help. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 43: Establishing The Configuration Environment Through The Aux Port
Installing terminal emulation program on the PC (such as Windows XP hyper terminal) Data Preparation To configure the router, you need the following data. Data Terminal communication parameters (including baud rate, data bit, parity, stop bit and flow control) Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 44: Establishing The Physical Connection
Before configuring the router through Telnet, complete the following tasks: Powering on devices and performing a self-check Preparing the PC (including the serial port and Ethernet crossover/direct network cable Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 45: Establishing The Physical Connection
Step 2 Enter the user name and password in the login window. After authentication, a command line prompt such as appears. Now enter the configuration environment in the user view. Quidway ----End Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 46: Establishing The Configuration Environment Through The Aux Port
Step 1 Connect the Modem with the PC and the network. Step 2 Connect the Modem with the router through the AUX port and the network. ----End Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 47: Figure 2-1 Networking Diagram Of Logging In Through The Console Port
Initialize the configuration of the router when the router is powered on for the first time. Figure 2-1 Networking diagram of logging in through the console port Router Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 48: Figure 2-2 New Connection
9600 bps, data bit to be 8, stop bit to be 1. Specify no parity and no flow control as shown from Figure 2-2 Figure 2-4. Figure 2-2 New connection Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 49: Figure 2-3 Setting The Port
When the self-check ends, you are prompted to press Enter until a command line prompt such as appears. Quidway Enter the command to check the running status of the router or configure the router. Enter "?" for help. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 50: Figure 2-5 Establishing The Configuration Environment Through Wan
[Quidway] interface GigabitEthernet 1/0/0 [Quidway-GigabitEthernet1/0/0] ip address 202.38.160.92 255.255.0.0 [Quidway-GigabitEthernet1/0/0] quit # Configure login authentication mode [Quidway] aaa [Quidway-aaa] local-user huawei password cipher test2 [Quidway-aaa] local-user huawei service-type telnet [Quidway-aaa] local-user huawei level 3 2-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30)
Page 51: Figure 2-6 Running The Telnet Program On The Pc
PC and the AUX port of the router through the Modem. The detailed configuration environment is shown as Figure 2-7. Figure 2-7 Establishing the remote configuration environment Modem Modem PSTN Router Issue 05 (2010-01-30) Huawei Proprietary and Confidential 2-11 Copyright © Huawei Technologies Co., Ltd.
Page 52: Configuration Procedure
Figure 2-7. Step 2 Configure the AUX port to support the Modem dialup. <Quidway> system-view [Quidway] aaa [Quidway-local-aaa-server] local-user huawei password cipher test1 [Quidway-local-aaa-server] local-user huawei service-type terminal [Quidway-local-aaa-server] local-user huawei level 3 [Quidway-local-aaa-server] quit [Quidway] user-interface aux 0 [Quidway-ui-aux0] authentication-mode aaa [Quidway-ui-aux0] modem both Step 3 Configure Modem parameters.
Page 53 3.10 Shortcut Keys ............................3-12 3.10.1 Classifying Shortcut Keys........................3-12 3.10.2 Defining Shortcut Keys........................3-14 3.10.3 Use of Shortcut Keys ........................3-14 3.11 Configuration Examples..........................3-14 3.11.1 Example for Using Shortcut Keys....................3-14 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 54 Table 3-2 Common error messages of the command line...................3-8 Table 3-3 Access the history commands......................3-9 Table 3-4 Editing functions ..........................3-9 Table 3-5 Displaying functions.........................3-10 Table 3-6 Metacharacter description......................... 3-11 Table 3-7 System-defined shortcut keys ......................3-12 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 55: Cli Overview
This section describes how to use regular expressions. Through Regular Expressions 3.10 Shortcut Keys This section describes how to use shortcut keys. 3.11 Configuration Examples This section provides examples for using shortcut keys. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 56: Introduction
The command line interpreter provides intelligent command resolution methods such as key word fuzzy match and context conjunction. These methods make it easy for users to enter their commands. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 57: Command Levels
Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 58: Configuring The Command Line View
But the function implemented associate with the command view. For example, the mpls command (for starting MPLS) can be run in the system view to enable the MPLS Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 59: Table 3-1 Command Line Views
DHCP address pool view E1 interface view E3 interface view ethernet Ethernet interface view explicit-path Explicit path view fr-class Frame relay view ftp-client FTP client view Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 60 Route policy view rsa-key-code RSA key code view rsa-public-key RSA public key view serial Serial interface view shell Shell view system System view T1 interface view T3 interface view Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 61: Online Help Of The Command Line
You can press Enter to run the command. Partial help # Enter a character string and ? a space to display all commands that begin with this character string. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 62: Table 3-2 Common Error Messages Of The Command Line
Table 3-3. Table 3-3 Access the history commands Action Key or Command Result Display the display Display the history commands entered by users. history history-command commands. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 63: Table 3-4 Editing Functions
Right cursor key → or Moves the cursor rightward by the space of a character. Ctrl+F When the cursor reaches the end of the command, the alarm bell rings. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 64: Table 3-5 Displaying Functions
Continues to display the information on next line. 3.8 Outputting the Display 3.8.1 Viewing the Display Do as follows on the router: Run: display current-configuration The current configuration is displayed. 3-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 65: Table 3-6 Metacharacter Description
Matches any character that is not within the specified range. The matches appear for n times (n is a non-negative integer). {n,} The matches appear for at least n times (n is a non-negative integer). Issue 05 (2010-01-30) Huawei Proprietary and Confidential 3-11 Copyright © Huawei Technologies Co., Ltd.
Page 66: Table 3-7 System-Defined Shortcut Keys
CTRL_F The cursor moves rightward by the space of a character. CTRL_H Deletes one character on the left of the cursor. CTRL_K Terminates the outbound connection. 3-12 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 67: Defining Shortcut Keys
That is, spaces exist in the command. Configure as follows in the system view. Action Command Define shortcut hotkey { CTRL_G | CTRL_L | CTRL_O } command-text keys. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 3-13 Copyright © Huawei Technologies Co., Ltd.
Page 68: Defining Shortcut Keys
D 127.0.0.1 InLoopBack0 127.0.0.0/8 Direct D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 D 127.0.0.1 InLoopBack0 127.255.255.255/32 Direct 0 D 127.0.0.1 InLoopBack0 255.255.255.255/32 Direct 0 D 127.0.0.1 InLoopBack0 3-14 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 69: Copying Commands Using Shortcut Keys
Step 2 Run the display clipboard command to view the contents on the clipboard. <Quidway> display clipboard ---------------- CLIPBOARD----------------- display ip routing-table Step 3 Press Ctrl+Shift+V to paste the contents of clipboard. <Quidway> display ip routing-table ----End Issue 05 (2010-01-30) Huawei Proprietary and Confidential 3-15 Copyright © Huawei Technologies Co., Ltd.
Page 70: Introduction
4.2.6 Configuring the Password for Switching User Levels .................4-5 4.2.7 Switching User Levels .........................4-5 4.2.8 Locking the User Interface........................4-6 4.2.9 Configuring Command Privilege Levels....................4-6 4.2.10 Displaying System Status Messages ....................4-7 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 71: Basic Configuration
Description 4.1 Introduction This section describes the basic configurations. 4.2 Configuring Basic System This section describes how to configure the basic system Environment environment on the router. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 72: Extension Of Command Levels
Before configuring the services, you need to configure the basic system environments to meet the requirements of the practical environments. Pre-configuration Tasks Before configuring basic system environment, power on the router. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 73: Configuring The Password For Switching User Levels
By default, the English mode is used. The help information on the router can be in English and in Chinese. When you need the help information in Chinese, run this command to switch the language mode. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 74: Configuring The Device Name
To guarantee cooperation with other devices, you need to accurately set the system time. The product supports setting the time zone and daylight time. 4.2.5 Configuring the Header Text Do as follows on the router: Step 1 Run: system-view Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 75: Configuring The Password For Switching User Levels
When users log in to the router with a lower user level, they switch to a super user level to perform advanced operations by entering the corresponding password. The password needs to be configured beforehand. 4.2.7 Switching User Levels Do as follows on the router: Run: Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 76: Locking The User Interface
Step 2 Run: command-privilege level rearrange The command levels are advanced in batches. Step 3 Run: command-privilege level level view view-name command-key The command level is set. ----End Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 77: Displaying System Status Messages
But you cannot collect enough information, because there are many display commands. You can use the display diagnostic-information command to collect the running information of the current modules in the system. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 78 Run the display system slave-restart command to display the restarting information of the Slave Main Board (SMB) for the last 10 times. The restarting time and possible causes are recorded. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 79 5.4.3 Configuring the Service Type of the Local User................5-16 5.4.4 Configuring FTP Directory Authority of the Local User ..............5-17 5.4.5 Configuring the Local User Status .....................5-17 5.4.6 Configuring the Local User Priority ....................5-17 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 80 5.4.8 Checking the Configuration .......................5-18 5.5 Configuration Examples..........................5-18 5.5.1 Example for Logging In to the Router Through Password Authentication ........5-19 5.5.2 Example for Logging In to the Router Through AAA ...............5-20 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 81 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Tables Tables Table 5-1 Example for the absolute numbering ....................5-3 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 82: User Management
This section describes how to configure the local user User Management management. 5.5 Configuration Examples This section provides examples for logging in to the router in different ways. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 83: Introduction
AUX port and there are15 VTY interfaces. You can use the user-interface maximum-vty command to set the maximum number of user interfaces. The default number is five. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 84: Table 5-1 Example For The Absolute Numbering
Point-to-Point Protocol (PPP) users: They establish PPP connections (such as dialing and PPPoA) with the router to access the network. Secure Shell (SSH) users: They establish SSH connections with the router to access the network. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 85: User Authentication
For the configuration of PPP user, refer to Quidway NetEngine20/20E Series Routers Configuration Guide - Security. 5.2 Configuring a User Interface 5.2.1 Establishing the Configuration Task Applicable Environment To guarantee a smooth and secure login, do as follows: Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 86: Configuring A User Interface
Setting Terminal Attributes Configuring the User Interface Configuring Modem Attributes Configuring an Auto-executed Command Configuring the Redirection Function Configuring the Call-in or Call-out Restrictions of the VTY User Interface Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 87: Transmitting Messages Between User Interfaces
{ even | mark | none | odd | space } The parity mode is set. Step 6 Run: stopbits { 1.5 | 1 | 2 } Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 88: Setting Terminal Attributes
5.2.5 Configuring the User Interface Priority Do as follows on the router that the user logs in to: Step 1 Run: system-view The system view is displayed. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 89: Configuring Modem Attributes
The automatic answer is set. Step 5 Run: modem [ both | call-in ] The incoming and outgoing calls are set. ----End 5.2.7 Configuring an Auto-executed Command Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 90: Configuring The Redirection Function
Step 2 Run: user-interface [ ui-type ] first-ui-number [ last-ui-number ] The user interface view is displayed. Step 3 Run: redirect The Telnet redirection is enabled. ----End Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 91: Configuring The Call-In Or Call-Out Restrictions Of The Vty User Interface
15, run the authentication-mode and the set authentication password commands to configure the authentication mode and the password for 5-14 VTY user interfaces. The configuration is as follows: 5-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 92: Configuring The Authentication Timeout Time For Vty Users
<Quidway> system-view [Quidway] user-interface maximum-vty 15 [Quidway] user-interface vty 5 14 [Quidway-ui-vty5-14] authentication-mode password [Quidway-ui-vty5-14] set authentication password cipher huawei 5.2.11 Configuring the Authentication Timeout Time for VTY Users Do as follows on the router that the user logs in to:...
Page 93: Establishing The Configuration Task
To configure user management, you need the following data. Data Authentication mode Username and password User priority Configuration Procedures Procedure Configuring Authentication Mode Configuring the Authentication Password 5-12 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 94: Configuring Authentication Mode
Step 3 Run: set authentication password { cipher | simple } password The authentication password is configured. ----End The default authentication mode is the password authentication. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 5-13 Copyright © Huawei Technologies Co., Ltd.
Page 95: Setting Username And Password For Aaa Local Authentication
Check the user information. display users [ all ] Check the information of local users. display local-user Check the information of the access users. display access-user 5-14 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 96: Configuring The Local User Management
Configuring the Access Restriction of the Local User Checking the Configuration 5.4.2 Creating the Local User Account Do as follows on the broadband access router: Step 1 Run: system-view Issue 05 (2010-01-30) Huawei Proprietary and Confidential 5-15 Copyright © Huawei Technologies Co., Ltd.
Page 97: Configuring The Service Type Of The Local User
Do as follows on the broadband access router: Step 1 Run: system-view The system view is displayed. Step 2 Run: The AAA view is displayed. Step 3 Run: local-user user-name ftp-directory directory 5-16 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 98: Configuring The Access Restriction Of The Local User
The local user priority is configured. ----End 5.4.7 Configuring the Access Restriction of the Local User Do as follows on the broadband access router: Step 1 Run: system-view Issue 05 (2010-01-30) Huawei Proprietary and Confidential 5-17 Copyright © Huawei Technologies Co., Ltd.
Page 99: Checking The Configuration
Networking Requirements The COM port of the PC is connected with the Console port. Set the priority of VTY0 to 2 and authenticate the passwords of users. Users need to input the password Huawei to log on successfully. After login, if the operations are not carried out in 30 minutes, it means that the user-interface is disconnected from the router.
Page 100: Configuration Files
Configuration Procedure <Quidway> system-view [Quidway] user-interface vty 0 [Quidway-ui-vty0] user privilege level 2 [Quidway-ui-vty0] authentication-mode password [Quidway-ui-vty0] set authentication password simple huawei [Quidway-ui-vty0] idle-timeout 30 # Use the display this command to check all configurations. [Quidway-ui-vty0] display this user-interface con 0...
Page 101: Example For Logging In To The Router Through Aaa
The COM port of the PC and the console port of the router are connected. Configure the priority of VTY0 to be 2, perform AAA authentication on the user that logs in through VTY 0. The login user must enter the username "Huawei" and the password "Huawei".
Page 102 Configuration Guide - Basic Configurations 5 User Management authorization-scheme default accounting-scheme default domain default user-interface vty 0 authentication-mode aaa user privilege level 2 idle-timeout 30 0 return Issue 05 (2010-01-30) Huawei Proprietary and Confidential 5-21 Copyright © Huawei Technologies Co., Ltd.
Page 103 6.3.6 Deleting Files in the Recycle Bin......................6-7 6.3.7 Undeleting Files ...........................6-7 6.4 Configuring Batch Configuration........................6-8 6.5 Managing Storage Devices..........................6-9 6.6 Configuring Prompt Modes...........................6-9 6.7 Example for Configuring Directory Management..................6-10 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 104: File System
6.6 Configuring Prompt This section describes how to configure the prompt mode. Modes 6.7 Example for Configuring This section provides an example for configuring Directory Management directory management. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 105: Introduction
6.2.1 Establishing the Configuration Task Applicable Environment When you need to transfer files between the client and the server, configure the directory by using the file system. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 106: Viewing The Current Directory
The current directory is displayed. ----End 6.2.3 Switching the Directory Step 1 Enter the user view. Step 2 Run: cd directory A directory is specified, and the specified directory is displayed. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 107: Displaying The Directory Of File
Do as follows on the router: Step 1 Enter the user view. Step 2 Run: cd directory The parent directory of the directory to be deleted is displayed. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 108: Managing Files
File name to be created File name to be deleted Configuration Procedures Procedure Displaying Contents of Copying Moving Renaming Deleting Deleting Files in the Recycle Bin Undeleting Files Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 109: Displaying Contents Of A File
Step 1 Enter the user view. Step 2 Run: cd directory The directory of the file is displayed. Step 3 Run: move source-filename destination-filename The file is moved. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 110: Renaming A File
Running this command deletes only the files in the recycle bin of the master Routing Process Unit (RPU). 6.3.7 Undeleting Files Do as follows on the router: Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 111: Configuring Batch Configuration
Configuration Procedure Do as follows on the router: Step 1 Run: system-view The system view is displayed. Step 2 Run: execute filename The batched file is executed. ----End Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 112: Managing Storage Devices
If quiet is selected as the prompt mode of the file system, no prompt is displayed when mis-operation such as deleting a file, which results in data loss, is performed. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 113: Example For Configuring Directory Management
The file path in the memory must be correct. If you do not specify the target file name, the target file name is the source file name by default, that is, the target file name is the same as the source file name. 6-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 114 4 Mar 01 2004 21:19:27 snmpboots -rw- 80 Mar 09 2004 09:47:36 header-file.txt drw- - Mar 09 2004 09:50:38 log.txt 63881 KB total (20998 KB free) ----End Issue 05 (2010-01-30) Huawei Proprietary and Confidential 6-11 Copyright © Huawei Technologies Co., Ltd.
Page 115: Introduction
7.2.2 Viewing the Current Configuration......................7-3 7.2.3 Viewing the Running Configuration in the Current View..............7-3 7.3 Saving the Current Configuration .........................7-3 7.4 Clearing the Running Information ........................7-3 7.5 Comparing Configuration Files........................7-4 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 116: Management Of Configuration Files
This section describes how to clear the configuration file Information in the storage devices. 7.5 Comparing Configuration This section describes how to compare the current Files configuration to the configuration file. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 117: Introduction
For details about the running information, refer to the Quidway NetEngine20/20E Series RoutersCommand Reference. 7.2.1 Viewing the Intial Configuration Do as follows on the router: Run: Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 118: Viewing The Current Configuration
The current configuration is saved. 7.4 Clearing the Running Information Do as follows on the router: Run: reset saved-configuration The configuration file in the storage devices is cleared. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 119: Comparing Configuration Files
Do as follows on the router: Run: compare configuration [ line-number1 line-number2 ] The current configuration is compared to the contents of the configuration file saved in the storage devices. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 120 8.5 Configuring TFTP ............................8-12 8.5.1 Establishing the Configuration Task ....................8-12 8.5.2 Downloading Files Through TFTP ....................8-12 8.5.3 Uploading Files Through TFTP ......................8-13 8.6 Limiting the Access to the TFTP Server......................8-13 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 121 8.8.1 Example for Configuring the FTP Server ..................8-16 8.8.2 Example for Configuring FTP ACL....................8-18 8.8.3 Example for Configuring the FTP Client ...................8-20 8.8.4 Example for Configuring TFTP ......................8-21 8.8.5 Example for Configuring XModem ....................8-23 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 122 Figure 8-4 Using TFTP to download files ......................8-21 Figure 8-5 Setting the Base Directory of the TFTP server ................8-22 Figure 8-6 Specifying the file to be sent......................8-23 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 123: Ftp, Tftp And Xmodem
TFTP router. 8.7 Configuring XModem This section describes how to transfer files through XModem. 8.8 Configuration Examples This section provides examples for configuring FTP, TFTP, and XModem. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 124: Introduction
After the negotiation succeeds, the sending program begins to send packets. When the receiving program receives a complete packet, it checks the packet according to the negotiated mode: Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 125: Configuring The Router To Be The Ftp Server
FTP username and password The file directory authorized to the FTP user The timeout time of the FTP server Configuration Procedures Procedure Enabling the FTP Server Configuring the Timeout Period Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 126: Enabling The Ftp Server
8.2.4 Configuring the Local Username and the Password Do as follows on the router that serves as the FTP server: Step 1 Run: system-view The system view is displayed. Step 2 Run: Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 127: Configuring Service Types And Authorization Information
User count Timeout value(in minute) Acl number Run the display ftp-users command. If the information of the login FTP users is displayed, it means that the configuration succeeds. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 128: Configuring Ftp Acl
Configuring the Basic ACL Configuring the Basic FTP ACL 8.3.2 Enabling the FTP Server Do as follows on the router that serves as the FTP server: Step 1 Run: Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 129: Configuring The Basic Acl
Do as follows on the router that serves as the FTP server: Step 1 Run: system-view The system view is displayed. Step 2 Run: ftp acl acl-number The basic FTP ACL is configured. ----End Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 130: Configuring The Router To Be The Ftp Client
Perform the following on the router that serves as the client as required: In different views, the connection methods set up with the FTP server are different. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 131: Configuring File Transmission Mode
8.4.5 Uploading or Downloading Files Do as follows on the router that serves as the client: Step 1 Run: ftp [ host [ port-number ] ] [ vpn-instance vpn-instace-name ] Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 132: Managing Directories
The specified directory of the FTP client is displayed. Run: mkdir remote-directory A directory is created on the FTP server. Run: rmdir remote-directory A directory is deleted on the FTP server. ----End 8-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 133: Managing Files
To disconnect the FTP connection and return to the user view, run: quit To disconnect the FTP connection and return to the FTP view, run: disconnect close Issue 05 (2010-01-30) Huawei Proprietary and Confidential 8-11 Copyright © Huawei Technologies Co., Ltd.
Page 134: Configuring Tftp
[ destination-filename ] The router is configured to download files through TFTP. When the server IP address is in IPv6 format, run: 8-12 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 135: Uploading Files Through Tftp
Connecting the TFTP client with the server Data Preparation To configure TFTP, you need the following data. Data IP address of the TFTP server ACL number Issue 05 (2010-01-30) Huawei Proprietary and Confidential 8-13 Copyright © Huawei Technologies Co., Ltd.
Page 136: Configuring The Basic Acl
The system view is displayed. Step 2 Run: tftp-server [ ipv6 ] acl acl-number ACL is used to limit the access to the TFTP server. ----End 8-14 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 137: Configuring Xmodem
Getting a File Through XModem 8.7.2 Getting a File Through XModem Do as follows on the router: Run: xmodem get filename XModem is used to get the file. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 8-15 Copyright © Huawei Technologies Co., Ltd.
Page 138: Figure 8-1 Using Ftp To Download Files
Data Preparation To complete the configuration, you need the following data: FTP username as quidway and password as huawei on the server The correct path of the original files on the FTP server The destination file name and its position in the router Configuration Procedure Step 1 Enable FTP on the FTP server and configure the authentication information of the FTP user.
Page 139 8 FTP, TFTP and XModem [Server] ftp timeout 30 [Server] aaa [Server -aaa] local-user quidway password simple huawei Step 2 Configure the authorization mode and directory of the FTP user on the FTP server [Server -aaa] local-user quidway service-type ftp...
Page 140: Figure 8-2 Ftp Acl
To complete the configuration, you need the following data: ACL number Configuration Procedure Step 1 Configure basic FTP functions. Refer to "Configuring the Router to be the FTP Server". 8-18 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 141 172.16.104.110 255.255.255.0 local-user quidway password simple Huawei local-user quidway service-type ftp local-user quidway ftp-directory flash:/ftp/system authentication-scheme default authorization-scheme default accounting-scheme default domain default Return Issue 05 (2010-01-30) Huawei Proprietary and Confidential 8-19 Copyright © Huawei Technologies Co., Ltd.
Page 142: Figure 8-3 Configuring The Ftp Client
[ftp] lcd flash:/ % Local directory now flash: Step 3 Download the newest system software from the remote FTP server on the router. [ftp] get ne20.bin [ftp] quit 8-20 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 143: Figure 8-4 Using Tftp To Download Files
The destination file name and its path on the Quidway router. Configuration Procedure Step 1 Start the TFTP server, set its Base Directory as the directory where the ne20.bin file resides. Figure 8-5 shows the interface. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 8-21 Copyright © Huawei Technologies Co., Ltd.
Page 144: Figure 8-5 Setting The Base Directory Of The Tftp Server
1004 Feb 05 2001 09:51:22 vrp1.zip -rw- 6247 May 19 2006 15:00:10 license.txt -rw- 14343 May 16 2006 14:13:42 paf.txt.bak 63881 KB total (20998 KB free) ----End 8-22 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 145: Figure 8-6 Specifying The File To Be Sent
During the course of the download no exec input/output will be Issue 05 (2010-01-30) Huawei Proprietary and Confidential 8-23 Copyright © Huawei Technologies Co., Ltd.
Page 146 3844 Jul 14 2004 11:51:45 exception.dat -rw- 8628372 Jun 01 2005 10:14:34 vrp330-0521.01.bin -rw- 45 Jul 27 2005 10:51:26 test.txt 63881 KB total (21753 KB free) ----End 8-24 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 147 9.4.7 Configuring the Interval for Updating the Key Pair on the SSH Server ..........9-17 9.4.8 Checking the Configuration .......................9-17 9.5 Configuring the STelnet Client Function ....................9-17 9.5.1 Establishing the Configuration Task ....................9-17 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 148 9.8.3 Example for Connecting the SFTP Client to the SSH Server ............9-33 9.8.4 Example for Accessing the SSH Server Through Other Port Numbers ..........9-37 9.8.5 Example for Authenticating SSH Through RADIUS.................9-43 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 149 Figure 9-7 Networking diagram of connecting the SFTP client to the SSH server ..........9-34 Figure 9-8 Networking diagram of accessing the SSH server through other port numbers ......9-38 Figure 9-9 Networking diagram of authenticating the SSH through RADIUS ..........9-43 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 150: Telnet And Ssh
9.1 Introduction This section covers the following topic that you need to know you configure Telnet and SSH: Overview of User Login Telnet Terminal Services SSH Terminal Services Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 151: Figure 9-1 Telnet Client Services
Router B and Router B is the client of Router C. Figure 9-2 illustrates the usage of the two types of shortcut keys. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 152: Figure 9-2 Usage Of Telnet Shortcut Keys
SSH server or a UNIX host. As shown in Figure 9-3 Figure 9-4, an SSH channel is set up for the local connection and the Wide Area Network (WAN) connection. Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 153: Figure 9-3 Establishing An Ssh Channel In A Lan
SSH. This is to prevent the password from being intercepted. SSH provides encryption to the transmitted data to guarantee security and reliability. − SFTP client Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 154 After the authentication succeeds, the client sends the session request to the server. The server then processes this request and the interactive session is performed. Performing the interactive session Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 155: Configuring Telnet Terminal Services
Number of the TCP port that provides Telnet services on the remote router Timeout period of the user interface Configuration Procedures Procedure Establishing a Telnet Connection Scheduled Telnet Disconnection Checking the Configuration Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 156: Establishing A Telnet Connection
Run the following commands to check the previous configuration. Action Command Check the connection status of the current display users user-interface. Check the connection status of all user-interfaces. display users all Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 157: Configuring Ssh Users
Authentication mode of SSH users Service type of SSH users Name of the peer RSA public key assigned to SSH users Operating directory of the SFTP service for SSH users Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 158: Creating An Ssh User
{cipher| simple } password The local user is created. ----End If the SSH user is not created separately, you can create the SSH user when performing the following configurations: Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 159: Configuring Ssh For The Vty User Interface
To log in to the SSH server, the local RSA key pair must be configured and generated first. Before the other configurations of SSH, you must configure the rsa local-key-pair create command to generate a local key pair. 9-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 160: Configuring The Authentication Mode For Ssh Users
The public key editing view is displayed. Run: hex-data The public key is edited. Run: public-key-code end Quit the public key editing view. Run: Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-11 Copyright © Huawei Technologies Co., Ltd.
Page 161: Configuring The Basic Authentication Information For Ssh Users
Management" in the Quidway NetEngine20/20E Series Routers Configuration Guide - Security. This section describes how to configure the command line authorization in RSA mode. Do as follows on the login router: Step 1 Run: 9-12 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 162: Configuring The Service Type Of Ssh Users
The authorized directory of SFTP service for SSH users is configured. ----End 9.3.10 Checking the Configuration Run the following commands to check the previous configuration. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-13 Copyright © Huawei Technologies Co., Ltd.
Page 163: Configuring The Ssh Server
To configure SSH servers, you need the following data. Data Number of the port monitored by the SSH server Configuration Procedures Procedure Enabling the STelnet Service Enabling the SFTP Service 9-14 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 164: Enabling The Stelnet Service
9.4.4 Enabling the Earlier Version-Compatible Function Do as follows on the router that serves as the SSH server: Step 1 Run: system-view The system view is displayed. Step 2 Run: Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-15 Copyright © Huawei Technologies Co., Ltd.
Page 165: Configuring The Number Of The Port Monitored By The Ssh Server
Do as follows on the login router: Step 1 Run: system-view The system view is displayed. Step 2 Run: snmp-agent trap enable ssh The trap function is enabled. ----End 9-16 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 166: Configuring The Interval For Updating The Key Pair On The Ssh Server
Generating the local RSA key pair on the SSH server Configuring the SSH user on the SSH server Enabling the STelnet service on the SSH server Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-17 Copyright © Huawei Technologies Co., Ltd.
Page 167: Enabling The First-Time Authentication On The Ssh Client
Step 1 Run: system-view The system view is displayed. Step 2 Run: ssh client first-time enable The first-time authentication on the SSH client is enabled. ----End 9-18 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 168: Configuring The Ssh Client To Assign The Rsa Public Key To The Ssh Server
[ prefer-stoc-hmac { sha1 | sha1-96 | md5 | md5-96 } ] [ -vpn-instance vpn-instance-name ] The SSH server is logged in to through STelnet. ----End Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-19 Copyright © Huawei Technologies Co., Ltd.
Page 169: Checking The Configuration
Preferred encrypted algorithm from the SFTP client to the SSH server Preferred encrypted algorithm from the SFTP server to the SSH client Preferred HMAC algorithm from the SFTP client to the SSH server 9-20 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 170: Configuring The First-Time Authentication On The Ssh Client
9.6.4 Enabling the SFTP Client Do as follows on the router that serves as the SSH client: Step 1 Run: system-view The system view is displayed. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-21 Copyright © Huawei Technologies Co., Ltd.
Page 171: Managing The Directory
The current operating directory of users is displayed. Run: dir/ls [ remote-directory ] The file list in the specified directory is displayed. Run: rmdir remote-directory The directory on the server is deleted. 9-22 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 172: Managing The File
After the SFTP client logs in to the SSH server, you can change the file name, delete the file, display the file list, upload and download the file on the SFTP client side. 9.6.7 Displaying the SFTP Client Command Help Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-23 Copyright © Huawei Technologies Co., Ltd.
Page 173: Checking The Configuration
Debugging SSH Terminal Services 9.7.1 Debugging Telnet Terminal Services When a Telnet fault occurs, run the following debugging command in the user view to locate the fault. 9-24 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 174: Debugging Ssh Terminal Services
Action Command Enable the debugging of the debugging ssh server { vty index | all }{ message | event | SSH function. packet | all } Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-25 Copyright © Huawei Technologies Co., Ltd.
Page 175: Figure 9-5 Networking Diagram Of The Telnet Terminal Services Mode
<RouterB> system-view [RouterB] interface gigabitethernet1/0/0 [RouterB-GigabitEthernet1/0/0] ip address 1.1.1.2 24 Step 2 Configure the authentication mode and the password of Telnet on Router B. <RouterB> system-view 9-26 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 176: Example For Connecting The Stelnet Client To The Ssh Server
9-6, after the STelnet service is enabled on the SSH server, the STelnet client can log in to the SSH server through the password or RSA authentication. Configure two login clients: Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-27 Copyright © Huawei Technologies Co., Ltd.
Page 177: Figure 9-6 Networking Diagram Of Connecting The Stelnet Client To The Ssh Server
Quidway NetEngine20/20E 9 Telnet and SSH Configuration Guide - Basic Configurations Configure Client001 with the password as huawei and adopt the password authentication. Configure Client002, adopt the RSA authentication and assign the public key RsaKey001 to Client002. The user interface supports only SSH.
Page 178 # Set the password authentication for the SSH user Client001. [Quidway] ssh user client001 [Quidway] ssh user client001 authentication-type password # Set the password of the SSH user Client001 to huawei. [Quidway] aaa [Quidway-aaa] local-user client001 password simple huawei [Quidway-aaa]...
Page 179 Step 5 Enable the STelnet service on the SSH server. # Enable the STelnet service. [Quidway] stelnet server enable Step 6 Configure the STelnet service for the SSH users Client001 and Client002. 9-30 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 180 Do you want to save the server's public key?(Y/N):y he server's public key will be saved with the name: 10.164.39.222. Please wait...s Enter password: Enter the password "huawei", and the following output is displayed after successful login: *********************************************************** All rights reserved (2000-2007) Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed.
Page 181 [Quidway]display ssh user-information User 1: User Name : client001 Authentication-type : password User-public-key-name : - Sftp-directory Service-type : stelnet Authorization-cmd : No User 2: User Name : client002 9-32 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 182: Example For Connecting The Sftp Client To The Ssh Server
9-7, after the SFTP service is enabled on the SSH server, the SFTP client can log in to the SSH server in the authentication mode: password, RSA, Password-RSA, and all. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-33 Copyright © Huawei Technologies Co., Ltd.
Page 183: Figure 9-7 Networking Diagram Of Connecting The Sftp Client To The Ssh Server
Two SSH users are configured on the SSH server: Client001 and Client002. The password authentication is configured for Client001 and the RSA authentication is configured for Client002. <Quidway> system-view [Quidway] ssh user client001 service-type sftp 9-34 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 184 [Quidway] display ssh server session Session 1: Conn :VTY 3 Version :2.0 State :started Username :client001 Retry CTOS Cipher :aes128-cbc STOC Cipher :aes128-cbc CTOS Hmac :hmac-sha1-96 STOC Hmac :hmac-sha1-96 :diffie-hellman-group1-sha1 Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-35 Copyright © Huawei Technologies Co., Ltd.
Page 185 C4989BF0 416DA8F2 2675910D 7F2997E8 5573A35D 0163FD4A FAC39A6E 0F45F325 A4E3AA1D 54692B04 C6A28D3D C58DE2E8 E0D58D65 7A25CF92 A74D21F9 E917182B 0203 010001 public-key-code end peer-public-key end local-user client001 password simple huawei local-user client001 service-type ssh 9-36 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 186: Example For Accessing The Ssh Server Through Other Port Numbers
SSH server, and follow the procedure of negotiating the SSH version number, negotiating the algorithm, generating the session key, authenticating, sending session request and performing the interactive session. The networking diagram is shown in Figure 9-8. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-37 Copyright © Huawei Technologies Co., Ltd.
Page 187: Figure 9-8 Networking Diagram Of Accessing The Ssh Server Through Other Port Numbers
Step 4 Enable the STelnet service and the SFTP service on the SSH server. # Enable the STelnet service and the SFTP service. <Quidway> system-view [Quidway] sftp server enable [Quidway] stelnet server enable 9-38 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 188 0260 BCFAC085 49A2E70E 1284F901 937D7B63 D7A077AB D2797280 4BCA86C0 4CD18B70 5DFAC9D3 9A3F3E74 9B2AF4CB 69FA6483 E87DA590 7B47721A 16391E27 1C76ABAB 743C568B 1B35EC7A 8572A096 BCA9DF0E BC89D3DB 5A83698C 9063DB39 A279DD89 0203 Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-39 Copyright © Huawei Technologies Co., Ltd.
Page 189 # Configure the password authentication for the SSH user Client001. [Quidway] ssh user client001 [Quidway] ssh user client001 authentication-type password # Set the password of the SSH user Client001 to huawei. [Quidway] aaa [Quidway-aaa] local-user client001 password simple huawei [Quidway-aaa] local-user client001 service-type ssh [Quidway-aaa] quit # Set the service type of Client001 to STelnet.
Page 190 [Quidway] display ssh server session Session 1: Conn : VTY 3 Version : 2.0 State : started Username : client001 Retry CTOS Cipher : aes128-cbc STOC Cipher : aes128-cbc Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-41 Copyright © Huawei Technologies Co., Ltd.
Page 192: Figure 9-9 Networking Diagram Of Authenticating The Ssh Through Radius
[Quidway] rsa local-key-pair create The key name will be: Quidway_Host The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-43 Copyright © Huawei Technologies Co., Ltd.
Page 193 On the RADIUS server, add one user named mailto:ssh1@ssh.com. In addition, specify the address of the Network Address Server (NAS) as 10.164.39.222 and set the key to "huawei". The address of NAS refers to the address of the SSH server connected to the RADIUS server.
Page 194 [Quidway] display ssh server session Conn Encry State retry Username VTY 0 2.0 started client001 ----End Configuration Files sysname Quidway radius-server template ssh radius-server authentication 10.164.16.49 1812 Issue 05 (2010-01-30) Huawei Proprietary and Confidential 9-45 Copyright © Huawei Technologies Co., Ltd.
Page 196 10.4.3 Displaying the Restart Information of RPU..................10-8 10.5 Configuring the Electronic Label ......................10-9 10.5.1 Establishing the Configuration Task ....................10-9 10.5.2 Querying the Electronic Label ......................10-9 10.5.3 Backing Up the Electronic Label .....................10-9 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 197: Router Maintenance
10.4 Monitoring the Router This section describes how to monitor the router status. Status 10.5 Configuring the This section describes how to configure the electronic Electronic Label label. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 10-1 Copyright © Huawei Technologies Co., Ltd.
Page 198: Introduction
Before powering off the FIC/HIC, you need to install and power on the router properly and ensure that you can log on to the router correctly. 10-2 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 199: Powering Off The Fic/Hic
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Present Normal 1POS155 Present Normal Present Normal 4CE1 Present Normal 8CE1 Present Normal Present Normal Present Normal 1CPOS Present Normal Issue 05 (2010-01-30) Huawei Proprietary and Confidential 10-3 Copyright © Huawei Technologies Co., Ltd.
Page 200: Managing The Device Operation
The master/slave switchover is performed forcibly through CLI. − Pre-configuration Tasks Before managing the device operation, complete the following tasks: Completing the router installation and powering it on 10-4 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 201: Specifying The Slave Rpu
The other slot number is for the master RPU. Step 3 Run: quit The user view is displayed. Step 4 Run: save The current configuration is saved. ----End 10.3.3 Restarting the Router Issue 05 (2010-01-30) Huawei Proprietary and Confidential 10-5 Copyright © Huawei Technologies Co., Ltd.
Page 202: Performing The Master/Slave Switchover
This step is optional. By default, the system automatically synchronizes the data to the slave RPU. Step 4 Run: quit The CLI returns to the system view. Step 5 Run: save The configuration file is saved. Step 6 Run: system-view 10-6 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 203: Monitoring The Router Status
<Quidway> display version Huawei Versatile Routing Platform Software VRP (R) Software, Version 5.30(NE20 V200R005C03SPC001) Copyright (c) 2000-2007 HUAWEI TECH CO., LTD. Quidway NetEngine 20E-8 Router uptime is 0day, 0hour, 30minutes Startup time : 2007/03/28 13:48 Master Rpu (9)'s version information:...
Page 204: Displaying The Restart Information Of Rpu
The restart history of the RPU is checked. Using the preceding command, you can check the restart history of RPU. For example: <Quidway> display system restart Reason of system reboot: 10-8 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 205: Configuring The Electronic Label
Do as follows on the router whose electronic label to be backuped. Step 1 Run: system-view The system view is displayed. Step 2 Run: backup elabel ftp host filename username password [ slot-id ] Issue 05 (2010-01-30) Huawei Proprietary and Confidential 10-9 Copyright © Huawei Technologies Co., Ltd.
Page 206 The electronic label is backed up to a specified FTP server. ----End The parameter filename should end with .fls,so as to backup the elabel up to the FTP server. 10-10 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 207 11.3.2 Specifying the System Software for the Next Startup of the Master RPU ........11-5 11.3.3 Specifying the System Software for the Next Startup of the Slave RPU ........11-6 11.3.4 Checking the Configuration ......................11-6 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 208: System Software Upgrade
11.3 Specifying the System This section describes how to specify the system software Software for the Next Startup for the next startup of the router. of the Router Issue 05 (2010-01-30) Huawei Proprietary and Confidential 11-1 Copyright © Huawei Technologies Co., Ltd.
Page 209: Introduction
This does not affect the current features or functions. Therefore, users can flexibly decide the required features according to the service demands without making great investment at the time of purchase. 11-2 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 210: Uploading The System Software And License Files
Upload the system software and license files to the Flash Memory of the master RPU. The router supports the uploading of files through FTP, TFTP and Xmodem. Choose an uploading method based on the requirements. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 11-3 Copyright © Huawei Technologies Co., Ltd.
Page 211: Copying The System Software And License To The Slave Rpu
6165 Aug 30 2006 03:36:24 license.txt -rw- 817148 Aug 30 2006 11:04:12 NE.bin 63881 KB total (21751 KB free) The vrpcfg.zip is the default configuration file of the system. 11-4 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 212: Specifying The System Software For The Next Startup Of The Router
Do as follows on the router to be upgraded. Run: startup system-software file-name The big packet file is specified for the next startup of the master RPU. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 11-5 Copyright © Huawei Technologies Co., Ltd.
Page 213: Specifying The System Software For The Next Startup Of The Slave Rpu
<Quidway> display startup MainBoard: Configed startup system software: flash:/b030.bin Startup system software: flash:/b030.bin Next startup system software: flash:/b030.bin Startup saved-configuration file: flash:/vrpcfg.zip Next startup saved-configuration file: flash:/vrpcfg.zip 11-6 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 214 12.5.1 Establishing the Configuration Task ....................12-7 12.5.2 Deactivating the RPU Patch......................12-7 12.6 Unloading the RPU Patch .........................12-7 12.6.1 Establishing the Configuration Task ....................12-7 12.6.2 Deleting the RPU Patch ........................12-8 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 215 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Figures Figures Figure 12-1 Conversion between the statuses of a patch..................12-2 Issue 05 (2010-01-30) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 216: Patch Management
12.5 Stop Running the RPU This section describes how to stop running the RPU Patch patch. 12.6 Unloading the RPU Patch This section describes how to unload the RPU patch. Issue 05 (2010-01-30) Huawei Proprietary and Confidential 12-1 Copyright © Huawei Technologies Co., Ltd.
Page 217: Figure 12-1 Conversion Between The Statuses Of A Patch
The NE provides the patch function, and you can use the patch program released by Huawei to upgrade the system software. A patch program has three statuses: activated, deactivated and running.
Page 218: Checking The Running Of Patch In The System
RPU s. For example: <Quidway> display patch-information No patch in the memory for CpuId < 9 >. The np patch information np patch file name: Issue 05 (2010-01-30) Huawei Proprietary and Confidential 12-3 Copyright © Huawei Technologies Co., Ltd.
Page 219: Loading A Patch
Upload a patch to the root directory of the Flash Memory of the master RPU. The NE supports the uploading of files through FTP, TFTP and Xmodem. Choose an uploading method based on the requirements. 12-4 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 220: Copying A Patch To The Root Directory Of The Flash Of The Slave Rpu
Before installing a patch on the RPU, upload the patch to the root directory of the Flash Memory of the master and slave RPUs. Data Preparation None. Configuration Procedures Procedure Uploading the RPU Patch Activating the RPU Patch Running the RPU Patch Issue 05 (2010-01-30) Huawei Proprietary and Confidential 12-5 Copyright © Huawei Technologies Co., Ltd.
Page 221: Uploading The Rpu Patch
After a patch is activated, you need to determine that the patch works normally. If the patch does not become valid, you need to activate the patch. A patch can be deactivated only after it is activated. 12-6 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 222: Deactivating The Rpu Patch
When upgrading the system software or installing a new patch, you need to delete the running patch. You can delete a patch of any status. Pre-configuration Tasks None. Data Preparation None. Configuration Procedures Procedure Deleting the RPU Patch Issue 05 (2010-01-30) Huawei Proprietary and Confidential 12-7 Copyright © Huawei Technologies Co., Ltd.
Page 223: Deleting The Rpu Patch
12.6.2 Deleting the RPU Patch Do as follows on the router to be upgraded. Run: patch delete [ slave | all ] The RPU patch is deleted. 12-8 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 224 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Contents Contents A Glossary ............................ A-1 B Acronyms and Abbreviations ....................B-1 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 225 Compared with the ACL, the black list can filter the packet at a high speed because its matching region is simple. It can shield the packet from the specified IP address. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 226 File Transfer Protocol. An application protocol in the TCP/IP stack, used for transferring files between remote hosts. FTP is implemented based on the file system. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 227 Configuration Guide - Basic Configurations A Glossary HGMPv2 Huawei Group Management Protocol Version 2. A protocol in which the discovery, topology collection, centralized management and remote maintenance are implemented on Layer 2 devices of a cluster that are connected with the router.
Page 228 Neighbor Discovery Protocol. A protocol that is used to discover the information of the neighboring Huawei device that is connected with the local device. Network Management System. A system that sends various query packets and receives the response packet and trap packet form the managed devices and displays all the information.
Page 229 Versatile Routing Platform. A versatile routing operating system platform developed for all data communication products of Huawei. With the IP service as its core, the VRP adopts the componentized architecture. The VRP realizes rich functions and provides tailorability and scalability based on applications.
Page 230 A transmission protocol in the format of the binary code. X.25 over TCP. A protocol that implements the interconnection between two X.25 networks through the TCP packet bearing X.25 frames. Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 231: Acronyms And Abbreviations
Asynchronous Transfer Mode Auxiliary port Border Gateway Protocol Class-based Queue CHAP Challenge Handshake Authentication Protocol Custom Queuing CR-LDP Constrain-based Routing LDP DHCP Dynamic Host Configuration Protocol Domain Name System Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 232 Label Distribution Protocol Medium Access Control MBGP Multiprotocol Extensions for BGP-4 Multiple Frame Relay MultiLink PPP MPLS Multiprotocol Label Switching MSDP Multicast Source Discovery Protocol Maximum Transmission Unit Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 233 RADIUS Remote Authentication Dial In User Service Routing Information Protocol Resilient Packet Ring RSVP Resource Reservation Protocol Traffic Engineering Transmission Control Protocol TFTP Trivial File Transfer Protocol Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 234 Virtual Private LAN Service Virtual Private Network Versatile Routing Platform VRRP Virtual Router Redundancy Protocol Wide Area Network Weighted Fair Queuing WRED Weighted Random Early Detection X.25 Over TCP Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 235 Quidway NetEngine20/20E Configuration Guide - Basic Configurations Contents Contents Index ..............................i-1 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 236 12-6 unloading, 12-7 FIC, 1-2 product File System introduction, 1-2 overview, 6-2 configuration, 8-3 example, 8-16 setting terminal attributes, 5-7 overview, 8-2 function configuration, 9-24 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.
Page 237 11-2 terminal attribute, 5-7 user-management configuration, 5-12 Telnet configuration, 9-6 overview, 9-2 XModem TFTP configuration, 8-15 configuration, 8-12 example, 8-23 example, 8-21 overview, 8-2 overview, 8-2 Huawei Proprietary and Confidential Issue 05 (2010-01-30) Copyright © Huawei Technologies Co., Ltd.

This manual is also suitable for:

Quidway netengine 20e series V200r005

Huawei Quidway NetEngine 20 series Configuration Manual

Table of Contents

Figures

Product Overview

Establishment of the Configuration Environment

CLI Overview

User Management

File System

Introduction

Ftp, Tftp and Xmodem

Telnet and Ssh

Router Maintenance

Quick Links

Chapters

Related Manuals for Huawei Quidway NetEngine 20 series

Summary of Contents for Huawei Quidway NetEngine 20 series