====== Huawei - VRP configuração básica ======
===== Desativando as mensagens do terminal =====
undo terminal monitor
Info: Current terminal monitor is off.
===== Definindo hostname =====
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname AR1000v
[AR1000v]
===== Ajustando o timezone e hora do sistema =====
[AR1000v]return
FIXME Observer que alternamos para o modo User View
display clock
2023-03-28 19:13:15
Tuesday
Time Zone(Default Zone Name) : UTC+00:00
clock timezone BR minus 03:00:00
clock datetime 16:15:00 2023-03-28
display clock
2023-03-28 16:15:08
Tuesday
Time Zone(BR) : UTC-03:00
===== Ativanodo o DHCP Client =====
system-view
[AR1000v]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
(E): E-Trunk down
The number of interface that is UP in Physical is 8
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 1
The number of interface that is DOWN in Protocol is 7
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned up down
GigabitEthernet0/0/1 unassigned up down
GigabitEthernet0/0/2 unassigned up down
GigabitEthernet0/0/3 unassigned up down
GigabitEthernet0/0/4 unassigned up down
GigabitEthernet0/0/5 unassigned up down
GigabitEthernet0/0/6 unassigned up down
NULL0 unassigned up up(s)
[AR1000v]interface GigabitEthernet 0/0/0
[AR1000v-GigabitEthernet0/0/0]ip address dhcp-alloc
[AR1000v-GigabitEthernet0/0/0]quit
[AR1000v]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
(E): E-Trunk down
The number of interface that is UP in Physical is 8
The number of interface that is DOWN in Physical is 0
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 6
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.20.64.26/27 up up
GigabitEthernet0/0/1 unassigned up down
GigabitEthernet0/0/2 unassigned up down
GigabitEthernet0/0/3 unassigned up down
GigabitEthernet0/0/4 unassigned up down
GigabitEthernet0/0/5 unassigned up down
GigabitEthernet0/0/6 unassigned up down
NULL0 unassigned up up(s)
[AR1000v]display current-configuration interface GigabitEthernet0/0/0
[V300R019C00SPC300]
#
interface GigabitEthernet0/0/0
ip address dhcp-alloc
#
return
[AR1000v]display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
0.0.0.0/0 Unr 60 0 D 172.20.64.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
172.20.64.0/27 Direct 0 0 D 172.20.64.26 GigabitEthernet0/0/0
172.20.64.26/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
172.20.64.31/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
===== Ativando o NTP =====
[AR1000v]ntp-service unicast-server 200.160.7.193
[AR1000v]ntp-service unicast-server 200.160.7.186
===== Definindo mensagem de login =====
[AR1000v]header login information "Welcome to Huawei"
[AR1000v]header shell information "Please don't reboot the device!"
===== Criando usuários =====
[AR1000v]aaa
[AR1000v-aaa]local-user admin privilege level 15 password cipher admin123
[AR1000v-aaa]local-user admin service-type terminal telnet ssh http
[AR1000v-aaa]local-user monitor privilege level 1 password cipher monitor123
[AR1000v-aaa]local-user monitor service-type terminal
[AR1000v-aaa]quit
[AR1000v]
===== Definindo tempo de inatividade =====
[AR1000v]user-interface console 0
[AR1000v-ui-console0]authentication-mode aaa
[AR1000v-ui-console0]idle-timeout 20 0
[AR1000v-ui-console0]screen-length 0
[AR1000v-ui-console0]quit
[AR1000v-ui-console0]display this
[V300R019C00SPC300]
#
user-interface con 0
authentication-mode aaa
idle-timeout 20 0
screen-length 0
user-interface vty 0
authentication-mode aaa
user privilege level 15
user-interface vty 1 4
#
return
===== Atribuindo IP a uma interface =====
[AR1000v]interface GigabitEthernet 0/0/1
[AR1000v-GigabitEthernet0/0/1]description ENLACE-LAN
[AR1000v-GigabitEthernet0/0/1]undo shutdown
[AR1000v-GigabitEthernet0/0/1]ip address 172.28.95.1 27
[AR1000v-GigabitEthernet0/0/1]quit
[AR1000v]display current-configuration interface GigabitEthernet0/0/1
[V300R019C00SPC300]
#
interface GigabitEthernet0/0/1
description ENLACE-LAN
ip address 172.28.95.1 255.255.255.224
#
return
===== Configurando acesso SSH =====
[AR1000v-aaa]local-user huawei password cipher huawei
[AR1000v-aaa]local-user huawei service-type ssh
[AR1000v-aaa]local-user huawei privilege level 15
[AR1000v-aaa]quit
[AR1000v]rsa local-key-pair create
The key name will be: Host
RSA keys defined for Host already exist.
Warning: Confirm to replace them! Continue? [Y/N]y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is less than 2048,
It will introduce potential security risks.
Input the bits in the modulus[default = 2048]:
Generating keys...
....+++
.....................................................................+++
...........++++++++
.++++++++
[AR1000v]stelnet server enable
[AR1000v]ssh user huawei authentication-type password
[AR1000v]user-interface vty 0 4
[AR1000v-ui-vty0-4]authentication-mode aaa
[AR1000v-ui-vty0-4]protocol inbound ssh
[AR1000v-ui-vty0-4]quit