admin管理员组文章数量:1531963
2024年2月12日发(作者:)
华为路由器常用命令0000000
system-view 进入系统视图web登录的端口为0/0/00000000
http serveer permit interface GigabitEthernet0/0/0 切换0000000
undo nat alg pptp en 关闭PPTP服务nat alg pptp en 开启PPTP服务
00dis int gi 0/0/1 查看路由目前流量使用情况1377282308
[Quidway]dis
0
华为路由器常用命令0000000cur ;显示当前配置000000
[Quidway]display
current-configuration ;显示当前配置000000
[Quidway]display
interfaces ;显示接口信息000000
[Quidway]display vlan
all ;显示路由信息0000000
[Quidway]display
version ;显示版本信息000000
[Quidway]super
password ;修改特权用户密码0000000
[Quidway]sysname ;交
换机命名0000000
[Quidway]interface ethernet
0/1 ;进入接口视图000000
[Quidway]interface vlan x ;进入接口视图000000[Quidway-Vlan-interfacex]ip address 10.65.1.1
255.255.0.0 ;配置VLAN的IP地址
[Quidway]ip route-static 0.0.0.0 0.0.0.0
10.65.1.2 ;静态路由=网关 ;三层交换支持
[Quidway]user-interface vty 0
4 ;进入虚拟终端[S3026-ui-vty0-4]authentication-mode
password ;设置口令模式222 ;设置口令
000
[Quidway]rip
0000000
[Quidway]local-user ftp000000
[S3026-ui-vty0-4]set authentication-mode password simple
0000000[S3026-ui-vty0-4]user privilege level
3 ;用户级别
[Quidway]interface ethernet
0/1 ;进入端口模式0
[Quidway]int
e0/1 ;进入端口模式000000
[Quidway-Ethernet0/1]duplex
{half|full|auto} ;配置端口工作状态000000
[Quidway-Ethernet0/1]speed {10|100|auto} ;配置端口工作速率配置端口流控000000[Quidway-Ethernet0/1]flow-control ;0000000
[Quidway-Ethernet0/1]mdi
{across|auto|normal} ;配置端口平接扭接00000
[Quidway-Ethernet0/1]port link-type
{trunk|access|hybrid} ;设置端口工作模式[Quidway-Ethernet0/1]port access vlan
3 ;当前端口加入到VLAN[Quidway-Ethernet0/2]port trunk permit vlan
{ID|All} ;设trunk允许的VLAN设置trunk端口的PVID激活端口
00000000
[Quidway-Ethernet0/3]port trunk pvid vlan 3 ;0000000[Quidway-Ethernet0/1]undo shutdown ;0000000
[Quidway-Ethernet0/1]shutdown
;关闭端口回
[Quidway]vlan
3 ;创建VLAN0[Quidway-Ethernet0/1]quit ;返000000
[Quidway-vlan3]port ethernet
0/1 ;在VLAN中增加端口000000
[Quidway-vlan3]port
e0/1 ;简写方式000000
[Quidway-vlan3]port ethernet 0/1 to ethernet
0/4 ;在VLAN中增加端口[Quidway-vlan3]port e0/1 to
e0/4 ;简写方式
[Quidway]monitor-port interface_num> ;指定镜像端口[Quidway]port mirror interface_num> ;指定被镜像端口int_num ;指定镜像和被镜像 [Quidway]description string ;指定VLAN描述字符 [Quidway]port mirror int_list observing-port int_type 0000000 [Quidway]description ;删除VLAN描述字符[Quidway]display vlan [vlan_id] ;查看VLAN设置 [Quidway]stp {enable|disable} ;设置生成树,默认关闭0000000 [Quidway]stp priority 4096 ;设置交换机的优先级0000000 [Quidway]stp root {primary|secondary} ;设置为根或根的 备份000000 [Quidway-Ethernet0/1]stp cost 200 ;设置交换机端口的花费0000000 [Quidway]link-aggregation e0/1 to e0/4 ingress|both ; 端口的聚合[Quidway]undo link-aggregation e0/1|all ; 始端口为通道号00 [SwitchA-vlanx]isolate-user-vlan enable ;设置主vlan[SwitchA]isolate-user-vlan [Quidway-Ethernet0/2]port hybrid pvid vlan pvid ;删除vlan的pvid00 [Quidway-Ethernet0/2]port hybrid vlan vlan_id_list untagged ;设置无标识的vlan 00000000如果包的vlan id与PVId一致,则去掉vlan信息. 默认PVID=1。0000000所以设置PVID为所属vlan id, 设置可以互通的vlan为untagged.000000 ---------------------------------------- 路由器命令 ~~~~~~~~~~000000 [Quidway]display version ;显示版本信息000000 [Quidway]display current-configuration ;显示当前配置000000 [Quidway]display interfaces ;显示接口信息000000 [Quidway]display ip route ;显示路由信息000000 [Quidway]sysname aabbcc ;更改主机名000000 [Quidway]super passwrod 123456 ;设置口令000000 [Quidway]interface serial0 ;进入接口0000000 [Quidway-serial0]ip address shutdown ;激活端口0 [Quidway]link-protocol hdlc ;绑定hdlc协议0000000 [Quidway]user-interface vty 0 4 00000000 000000[Quidway-ui-vty0-4]authentication-mode password[Quidway-ui-vty0-4]set authentication-mode password simple 2220000000[Quidway-ui-vty0-4]user privilege level 3[Quidway-ui-vty0-4]quit [Quidway]debugging hdlc all serial0 ;显示所有信息000000 [Quidway]debugging hdlc event serial0 ;调试事件信息[Quidway]debugging hdlc packet serial0 ;显示包的信息 静态路由:000000 [Quidway]ip route-static number|nexthop}[value][reject|blackhole]例如:0 000000[Quidway]ip route-static 129.1.0.0 16 10.0.0.2 [Quidway]ip route-static 129.1.0.0 255.255.0.0 10.0.0.2000000[Quidway]ip route-static 129.1.0.0 16 Serial 2 000000 [Quidway]ip route-static 0.0.0.0 0.0.0.0 10.0.0.2000000 动态路由:000000[Quidway]rip ;设置动态路由[Quidway]rip 0000000 work ;设置工作允许000000 [Quidway]rip input ;设置入口允许000000 [Quidway]rip output ;设置出口允许000000 [Quidway-rip]network 1.0.0.0 000000 [Quidway-rip]network all 换000000 [Quidway-rip]peer ip-address [Quidway-rip]summary ;路由聚合000000[Quidway]rip version 1 000000 [Quidway]rip version 2 multicast 0000000 [Quidway-Ethernet0]rip split-horizon [Quidway]router id A.B.C.D 0000000 ;设置交换路由网络;设置与所有网络交;000000 ;设置工作在版本12,多播方式000000;配置路由器的ID ;设版本;水平分隔 [Quidway]ospf enable ;启动OSPF协议000000 [Quidway-ospf]import-route direct ;引入直联路由000000 [Quidway-Serial0]ospf enable area 标准访问列表命令格式如下:0 acl config|auto] ;默认前者顺序匹配。000000 rule [normal|special]{permit|deny} [source source-addr source-wildcard|any]例:0 [Quidway]acl 10 0000000[Quidway-acl-10]rule normal permit source 10.0.0.0 0.0.0.2550000000[Quidway-acl-10]rule normal deny source any 扩展访问控制列表配置命令0 配置TCP/UDP协议的扩展访问列表:0000000rule {normal|special}{permit|deny}{tcp|udp}source { wild>|any}destination 配置ICMP协议的扩展访问列表:000000000 rule {normal|special}{permit|deny}icmp source { wild>|any]destination { 扩展访问控制列表操作符的含义于 000000 equal portnumber ;等000000greater-than portnumber ;大于000000 less-than portnumber ;小于000000 not-equal portnumber ;不等000000 range portnumber1 portnumber2 ;区间000000 扩展访问控制列表举例[Quidway]acl 101 00 0000[Quidway-acl-101]rule deny souce any destination any00[Quidway-acl-101]rule permit icmp source any destination any icmp-type echo000000[Quidway-acl-101]rule permit icmp source any destination any icmp-type echo-reply [Quidway]acl 1000 [Quidway-acl-102]rule permit ip source 10.0.0.1 0.0.0.0 destination 202.0.0.1 0.0.0.0 0000000[Quidway-acl-102]rule deny ip source any destination any000000 [Quidway]acl 1030000000 [Quidway-acl-103]rule permit tcp source any destination 10.0.0.1 0.0.0.0 destination-port equal ftp10.0.0.2 0.0.0.0 destination-port equal www [Quidway]firewall enable[Quidway]int e00[Quidway-acl-103]rule permit tcp source any destination 000000 0000000[Quidway]firewall default permit|deny0000000 [Quidway-Ethernet0]firewall packet-filter 101 inbound|outbound 地址转换配置举例0 [Quidway]firewall enable0000000[Quidway]firewall default permit可以进入e0 0000000[Quidway]acl 101 ;内部指定主机0000000[Quidway-acl-101]rule deny ip source any destination any000000[Quidway-acl-101]rule permit ip source 129.38.1.1 0 destination anydestination anydestination anydestination any0000000[Quidway-acl-101]rule permit ip source 129.38.1.2 0 0000000[Quidway-acl-101]rule permit ip source 129.38.1.3 0 0000000[Quidway-acl-101]rule permit ip source 129.38.1.4 0 0000000[Quidway-acl-101]quit0000000 [Quidway]int e0 0000000 0000[Quidway-Ethernet0]firewall packet-filter 101 inbound000 [Quidway]acl 102 ;外部特定主机和大于1024端口的数据包允许进入S0 0000000 [Quidway-acl-102]rule deny ip source any destination any000000[Quidway-acl-102]rule permit tcp source 202.39.2.3 0 destination 202.38.160.1 0000000[Quidway-acl-102]rule permit tcp source any destination 202.38.160.1 0 destination-port great-than100000 0000000[Quidway-acl-102]quit[Quidway]int s0 0000000 [Quidway-Serial0]firewall packet-filter 102 inbound ;设202.38.160.1是路由器出口IP。 [Quidway-Serial0]nat outbound 101 interface ;是Easy ip,将acl 101允许的IP从本接口出时变换源地址。 内部服务器地址转换配置命令(静态nat):000000000 nat server global [protocol] ;global_port不写时使用inside_port0000000 [Quidway-Serial0]nat server global 202.38.160.1 inside 129.38.1.1 ftp tcp0000000[Quidway-Serial0]nat server global 202.38.160.1 inside 129.38.1.2 telnet tcp129.38.1.3 www tcp0000000[Quidway-Serial0]nat server global 202.38.160.1 inside 0000000 设有公网IP:202.38.160.101~202.38.160.103 可以使用。 ;对外访问(原例题)pool1 ;建立地址池[Quidway]acl 1 0000000 [Quidway]nat address-group 202.38.160.101 202.38.160.103 [Quidway-acl-1]rule permit source 10.110.10.0 0.0.0.255 ;指定允许的内部网络[Quidway-acl-1]rule deny source any[Quidway-acl-1]int serial 000 0000000 [Quidway-Serial0]nat outbound 1 address-group pool1 ;在s0口从地址池取出IP对外访问0000000 [Quidway-Serial0]nat server global 202.38.160.101 inside 10.110.10.1 ftp tcp10.110.10.2 www tcp10.110.10.3 www tcp0000000 [Quidway-Serial0]nat server global 202.38.160.102 inside 0000000[Quidway-Serial0]nat server global 202.38.160.102 8080 inside 0000000[Quidway-Serial0]nat server global 202.38.160.103 inside 10.110.10.4 smtp udp PPP设置:0 [Quidway-s0]link-protocol ppp ;默认的协议000000 PPP验证:0000000主验方:pap|chap0000000 [Quidway]local-user q2 password {simple|cipher} hello ;路由器10000000 000000[Quidway]interface serial 0 0000000[Quidway-serial0]ppp authentication-mode {pap|chap}[Quidway-serial0]ppp chap user q1 ;pap时,没有此句0000000 pap被验方:000000[Quidway]interface serial 0 ;路由器2{simple|cipher} hello chap被验方:0[Quidway-serial0]ppp pap local-user q2 password 0000000 [Quidway]interface serial 0 ;路由器2[Quidway-serial0]ppp chap user q2 ;自己路由器名hello ;对方路由器名 帧中继frame-relay (二分册6-61)[q1]fr switching[q1]int s1 00 [Quidway-serial0]local-user q1 password {simple|cipher} 000000 0000000 000000[q1-Serial1]ip address 192.168.34.51 255.255.255.0[q1-Serial1]link-protocol fr ;封装帧中继协议000000 [q1-Serial1]fr interface-type dce[q1-Serial1]fr dlci 100[q1-Serial1]fr inarp [q2]int s1 00 000000 000000 000000[q1-Serial1]fr map ip 192.168.34.52 dlci 100 [q2-Serial1]ip address 192.168.34.52 255.255.255.0000000[q2-Serial1]link-protocol fr[q2-Serial1]fr dlci 100[q2-Serial1]fr inarp 帧中继监测 00 [q2-Serial1]fr interface-type dte0 000000 000000[q2-Serial1]fr map ip 192.168.34.51 dlci 100 [q1]display fr lmi-info[]interface type number]0000000[q1]display fr mapdlci-number]0000000 [q1]display fr pvc-info[serial interface-number][dlci 0000000 000000[q1]display fr dlci-switch[q1]display fr interface[q1]reset fr inarp-info 0000000 000000 000000[q1]debugging fr all[interface type number][q1]debugging fr arp[interface type number][q1]debugging fr lmi[interface type number] 启动ftp服务:0[q1]debugging fr event[interface type number] [Quidway]local-user ftp password {simple|cipher} aaa service-type ftp 0000000 00 0 00 00 0
版权声明:本文标题:[工作]华为路由器常用命令 内容由热心网友自发贡献,该文观点仅代表作者本人,
转载请联系作者并注明出处:https://m.elefans.com/dianzi/1707736373a205504.html,
本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
;设置主vlan包括的子vlan00
发表评论