1、开启路由:
<Navigator>sys
<Navigator>system-view
[Navigator]int e0/0
[Navigator-Ethernet0/0]ip address 172.28.3.50 255.255.255.224
[Navigator-Ethernet0/0]quit
[Navigator]ip route 0.0.0.0 0.0.0.0 172.28.3.33
dhcp server ip-loop telecom
dns ip-list 218.74.122.66
2、TELNET服务:
1)设置用户权限类信息:
[Navigator]local-user useradmin
[Navigator-luser-useradmin]password cipher xxzx
[Navigator-luser-useradmin]quit
[Navigator]user-interface vty 0 4
[Navigator-ui-vty0-4]user privilege level 3
[Navigator-ui-vty0-4]authentication-mode scheme
[Navigator-ui-vty0-4]quit
2)开启TELNET服务:
[Navigator]telnet server enable
3、创建新用户及权限设置:
[Navigator]local-user cyc
[Navigator-luser-cyc]password cip
[Navigator-luser-cyc]password cipher cyc
[Navigator-luser-cyc]service-type telnet level 3
4、NAT转换设置:
[Navigator]nat address-group 1 172.28.3.53 172.28.3.54
[Navigator-Ethernet0/0]nat server protocol tcp global 172.28.3.53 ftp inside 192.168.1.20 ftp
5、ACL设置:
[Qd1w1_HuiYi]acl num 3000
[Qd1w1_HuiiYi-acl-adv-3000]rule 0 deny ip source 172.28.3.42 0 destination 218.74.122.66 0
[Qd1w1_HuiiYi-acl-adv-3000]rule 1 deny ip source 172.28.3.42 0 destination 218.74.122.74 0
[Qd1w1_HuiYi-Ethernet1/0/21]packet-filter inbound ip-group 3000
部分命令详解:
恢复出厂设置:(在尖括号状态下)reset save
y
重启路由:reboot
y
进入配置模式:<Navigator>system-view
查看配置:[Navigator]display current-configuration
删除端口默认信息:
进入端口:[Navigator]interface Vlan 1
删除端口信息:[Navigator-Vlan-interface1]undo ip address 192.168.1.1 255.255.255.0
(或)关闭端口:[Navigator-Vlan-interface1]shutdown 
(另)开启端口:[Navigator-Vlan-interface1]un shutdown
查看端口模式:[Navigator-Vlan-interface1]dis th
创建vlan:  [Navigator]vlan 163
将端口加入VLAN: 在VLAN下加入端口  [Navigator-vlan163]port ethernet0/1 to ethernet0/4
在端口下加入VLAN  [Navigator]interface Ethernet0/3
[Navigator-Ethernet0/3]port access vlan 163
[Navigator-Ethernet0/3]int e0/4
[Navigator-Ethernet0/4]port access vlan 163
修改密码:查看信息:[Navigator]dis cu
到用户信息并复制,如(local-user useradmin)
进入用户:[Navigator]local-user useradmin
修改密码:[Navigator-luser-useradmin]password cipher admin(此密码为:admin)
清空DHCP地址池
<Navigator>system-view
[Navigator]interface Vlan 1
[Navigator-Vlan-interface1]undo ip address dhcp-alloc
另:
地址池信息:dhcp server ip-pool telecom
network 192.168.1.0 mask 255.255.255.0
gateway-list 19
2.168.1.1
dns-list 192.168.1.1
开通TELNET:
<Navigator>system-view
[Navigator]telnet server enable
设置用户权限:
<Navigator>system-view
[Navigator]user-interface vty 0 4
[Navigator-ui-vty0-4]user privilege level 3
[Navigator-ui-vty0-4]set authentication password cipher xxzx(注“xxzx”为所设密码)
注:[Navigator]user-interface vty 0 4(中的“0 4”代表最多可以四个用户同时登陆)
[Navigator-ui-vty0-4]user privilege level 3(中的“3”代表用户权限为三级,可设级别是0-3,0权限最低,3权限最高)
创建telnet用户与权限密码等:
[Navigator]local-user cyc(注“cyc”为新建用户)
[Navigator-luser-cyc]password cipher cyc(注"cyc"为新建用户密码)
[Navigator-luser-cyc]level 3(设置用户权限为3)
[Navigator-luser-cyc]service-type telnet(设置用户模式,作用环境为telnet)
[Navigator-luser-cyc]service-type telnet level 3(一个语句设置用户作用环境与权限)
更改telnet登陆模式:
<Navigator>system-view
[Navigator]user-interface vty 0 4
[Navigator-ui-vty0-4]authentication-mode scheme(注“scheme”为需用户名与密码认证,“password”为只进行密码认证)
NAT转换命令:
[Navigator]int e0/0
[Navigator-Ethernet0/0]nat ?
outbound  Specify NAT parameters
cipher命令
server    Specify internal server parameters
[Navigator-Ethernet0/0]nat server protocol tcp global 172.28.3.53 ftp inside 192.168.1.20 ftp
(注:在E0/0端口上将内部地址192.168.1.20转换为外部地址172.28.3.53,应用于FTP服务上)
[Navigator]nat address-group 1 172.28.3.53 172.28.3.54
(注:外部有效地址池为172.28.3.53-172.28.3.54)
删除用户DHCP服务:
[Navigator]undo dhcp server ip-pool cyc
配备路由器DNS服务器地址:
[Navigator]dns server 218.74.122.74
ACL访问控制:
[Qd1w1_HuiYi]acl num 3000
[Qd1w1_HuiiYi-acl-adv-3000]rule 0 deny ip source 172.28.3.42 0 destination 218.74.122.66 0
[Qd1w1_HuiiYi-acl-adv-3000]rule 1 deny ip source 172.28.3.42 0 destination 218.74.122.74 0
[Qd1w1_HuiYi-Ethernet1/0/21]packet-filter inbound ip-group 3000
注:禁止172.28.3.42访问218.74.122.66/74,先添加3000控制策略,设置策略内容,进入172.28.3.42对应的交换机端口,激活这一策略。
另:删除其中某一策略。
[Qd1w1_HuiYi-Ethernet1/0/21]undo packet-filter inbound ip-group 3000 rule 1

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。