一、配置stelnet

1.PC2的基本配置，用路由器模擬

<Huawei>sys

Enter system view, return user view with Ctrl+Z.

[Huawei]un in e

Info: Information center is disabled.

[Huawei]sys PC2

[Huawei]int g 0/0/0

[Huawei-GigabitEthernet0/0/0]ip add 192.168.1.1 24

[Huawei-GigabitEthernet0/0/0]q

[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.1.254

[Huawei]q

2.S1的配置

<Huawei>sys

進(jìn)入系統(tǒng)視圖，鍵入Ctrl+Z退回到用戶視圖。

[Huawei]un in e

提示：信息中心被關(guān)閉。

[Huawei]sys S1

[S1]vlan 10

[S1-vlan10]des

[S1-vlan10]description manager

[S1-vlan10]q

[S1]q

<S1>sa

將把當(dāng)前的配置保存到存儲設(shè)備中。

是否繼續(xù)？[Y/N]y

提示：請輸入文件名（*.cfg，*.zip）[vrpcfg.zip]：

flash:/vrpcfg.zip文件已經(jīng)存在，是否覆蓋？[Y/N]:y

正在將運行時的配置寫入到存儲設(shè)備0。

保存配置成功。

3.R1的配置

<Huawei>sys

Enter system view, return user view with Ctrl+Z.

[Huawei]sys R1

[R1]int g 0/0/1

[R1-GigabitEthernet0/0/1]ip add 192.168.1.254 24

[R1-GigabitEthernet0/0/1]return?

4.開啟SSH服務(wù)

[R1]stelnet server en

Info: Succeeded in starting the STELNET server.

5.查看SSH服務(wù)狀態(tài)

[R1]dis ssh server status?

?SSH version?????????????:1.99??

?SSH connection timeout???????:60 seconds

?SSH server key generating interval?:0 hours

?SSH Authentication retries?????:3 times

?SFTP Server?????????????:Disable

?Stelnet server???????????:Enable

[R1]

6.在R1 配置SSH服務(wù)器

<1>配置生成RSA密鑰

[R1]rsa local-key-pair create?

The key name will be: Host

% RSA keys defined for Host already exist.

Confirm to replace them? (y/n)[n]:y

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

????It will take a few minutes.

Input the bits in the modulus[default = 512]:

Generating keys...

...............++++++++++++

..++++++++++++

...............++++++++

........................++++++++

[R1]

<2>配置SSH登錄界面

認(rèn)證方式aaa，用戶名admin，密碼huawei

[R1]user-interface vty 0 4

[R1-ui-vty0-4]authentication-mode aaa

[R1-ui-vty0-4]protocol inbound ssh?

[R1-ui-vty0-4]idle-timeout 15

[R1-ui-vty0-4]q

[R1]aaa

[R1-aaa]local-user admin password cipher huawei privilege level 3

[R1-aaa]local-user admin service-type ssh

[R1]ssh user admin authentication-type password

?Authentication type setted, and will be in effect next time

[R1]q

<R1>sa

?The current configuration will be written to the device.?

?Are you sure to continue? (y/n)[n]:y

?It will take several minutes to save configuration file, please wait........

?Configuration file had been saved successfully

?Note: The configuration file will take effect after being activated

<R1>

7.在PC2 開啟SSH用戶端首次認(rèn)證

<Huawei>sys

[PC2]ssh client first-time enable?

8.在PC2使用　Stelnet 192.168.1.254命令進(jìn)行aaa測試

[PC2]stelnet 192.168.1.254

Please input the username:admin??輸入admin 用戶名

Trying 192.168.1.254 ...

Press CTRL+K to abort

Connected to 192.168.1.254 ...

The server is not authenticated. Continue to access it? (y/n)[n]:y??接受密鑰 按y

Save the server's public key? (y/n)[n]:y???保存密鑰 按y

The server's public key will be saved with the name 192.168.1.254. Please wait..

.

Enter password:??輸入密碼huawei?看不見

<R1>

9.查看SSH服務(wù)器 當(dāng)前會話

在PC2 查看

[R1]dis ssh server session?

?--------------------------------------------------------------------

?Conn??Ver??Encry???State?Auth-type????Username

?--------------------------------------------------------------------

?VTY 0?2.0??AES????run??password?????admin???

在R1 查看

<R1>dis ssh server session

?--------------------------------------------------------------------

?Conn??Ver??Encry???State?Auth-type????Username

?--------------------------------------------------------------------

?VTY 0?2.0??AES????run??password?????admin????

二、配置通過FTP 備份配置文件

1.配置FTP服務(wù)器

地址：192.168.1.100

網(wǎng)關(guān)：192.168.1.254

2.配置FTP Server

在電腦設(shè)置一個根目錄 ，再點擊 啟動

3.在R1 實現(xiàn)配置文件備份

<R1>save r1-backup.cfg??保存R1配置文件為 r1-backup.cfg

?Are you sure to save the configuration to r1-backup.cfg? (y/n)[n]:y

<R1>dir???查看文件目錄

??7?-rw-??????983?Oct 03 2023 15:29:46??r1-backup.cfg??備份文件

4.在R1 連接FTP

<R1>ftp 192.168.1.100

Trying 192.168.1.100 ...

Press CTRL+K to abort

Connected to 192.168.1.100.

220 FtpServerTry FtpD for free?

User(192.168.1.100:(none)):?回車

331 Password required for?.

Enter password:??回車

230 User?logged in , proceed

[R1-ftp]

5.把R1的配置上傳到FTP

[R1-ftp]put r1-backup.cfg

200 Port command okay.

150 Opening BINARY data connection for r1-backup.cfg

?100%???

226 Transfer finished successfully. Data connection closed.

FTP: 983 byte(s) sent in 0.170 second(s) 5.78Kbyte(s)/sec.

6.在FTP服務(wù)器可以看到備份文件

7.在R1 實現(xiàn)文件配置還原

?<1>刪除路由器R1本地配置文件 r1-backup.cfg

<R1>delete r1-backup.cfg

Delete flash:/r1-backup.cfg? (y/n)[n]:y

Info: Deleting file flash:/r1-backup.cfg...succeed.?

<R1>dir?????沒有 r1-backup.cfg 文件

Directory of flash:/

?Idx?Attr???Size(Byte)?Date????Time(LMT)?FileName?

??0?drw-???????-?Oct 03 2023 14:58:10??dhcp

??1?-rw-????121,802?May 26 2014 09:20:58??portalpage.zip

??2?-rw-??????540?Oct 03 2023 15:10:19??rsa_server_key.efs

??3?-rw-??????396?Oct 03 2023 15:10:15??rsa_host_key.efs

??4?-rw-?????2,263?Oct 03 2023 14:58:00??statemach.efs

??5?-rw-????828,482?May 26 2014 09:20:58??sslvpn.zip

??6?-rw-??????249?Oct 03 2023 15:15:00??private-data.txt

??7?-rw-??????614?Oct 03 2023 15:14:59??vrpcfg.zip

1,090,732 KB total (784,440 KB free)

??

??0?drw-???????-?Oct 03 2023 14:58:10??dhcp

??1?-rw-????121,802?May 26 2014 09:20:58??portalpage.zip

??2?-rw-??????540?Oct 03 2023 15:10:19??rsa_server_key.efs

??3?-rw-??????396?Oct 03 2023 15:10:15??rsa_host_key.efs

??4?-rw-?????2,263?Oct 03 2023 14:58:00??statemach.efs

??5?-rw-????828,482?May 26 2014 09:20:58??sslvpn.zip

??6?-rw-??????249?Oct 03 2023 15:15:00??private-data.txt

??7?-rw-??????614?Oct 03 2023 15:14:59??vrpcfg.zip

<2>把FTP的配置文件還原到R1

[R1-ftp]get r1-backup.cfg

200 Port command okay.

150 Sending r1-backup.cfg (983 bytes). Mode STREAM Type BINARY

226 Transfer finished successfully. Data connection closed.

FTP: 983 byte(s) received in 0.140 second(s) 7.02Kbyte(s)/sec.

查看FTP獲取的配置文件

<R1>dir

??7?-rw-??????983?Oct 03 2023 15:40:30??r1-backup.cfg

8.設(shè)置R1 引導(dǎo)啟動 r1-backup.cfg配置文件，并且新增配置保存

<R1>startup saved-configuration?r1-backup.cfg?設(shè)置引導(dǎo)啟動

查看配置文件

<R1>dis cu

[V200R003C00]

#

?sysname R1

#

?snmp-agent local-engineid 800007DB03000000000000

?snmp-agent?

#

?clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

?drop illegal-mac alarm

#

?set cpu-usage threshold 80 restore 75

#

aaa?

?authentication-scheme default

?authorization-scheme default

?accounting-scheme default

?domain default?

?domain default_admin?

?local-user admin password cipher %$%$02SrP7aUdP5~"2#g~$n6^8SU%$%$

?local-user admin privilege level 3

?local-user admin service-type ssh

#

firewall zone Local

?priority 15

#

interface GigabitEthernet0/0/0

#

interface GigabitEthernet0/0/1

?ip address 192.168.1.254 255.255.255.0?

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

?stelnet server enable?

#

user-interface con 0

?authentication-mode password

user-interface vty 0 4

?authentication-mode aaa

?idle-timeout 15 0

?protocol inbound ssh

user-interface vty 16 20

#

wlan ac

#

return

9.新增配置 LoopBack 1

<R1>sys

Enter system view, return user view with Ctrl+Z.

[R1]

[R1]int lo

[R1]int LoopBack 1

[R1-LoopBack1]ip add 10.10.10.1 24

[R1-LoopBack1]q

[R1]q

<R1>sa

?The current configuration will be written to the device.?

?Are you sure to continue? (y/n)[n]:y

?It will take several minutes to save configuration file, please wait.......

?Configuration file had been saved successfully

?Note: The configuration file will take effect after being activated

<R1>

10.重啟R1 使用dis cu查看配置信息

loopback文件沒有顯示

?<R1>reboot

war ing ：·······輸入n?

system ····· 輸入y

<R1>reboot

Info: The system is comparing the configuration, please wait.

Warning: All the configuration will be saved to the next startup configuration.?

Continue ? [y/n]:n??

System will reboot! Continue ? [y/n]:y

Info: system is rebooting ,please wait...