Switche
3COM 4200
Verbindung zur Konsole
- 19,200 baud (bits per second)
- 8 data bits
- no parity
- 1 stop bit
- no hardware flow control
Standard Login:
- admin:
— - monitor:
monitor - manager:
manager
IP-Adresse
system-view interface vlan 1 ip address xxx.xxx.xxx.xxx mmm.mmm.mmm.mmm quit ip route-static 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx save
Benutzer Passwort ändern
system-view local-user admin password simple xxxxxxxxx quit save
Web-UI aktivieren
system-view local-user admin service-type ssh level 3 quit save
SSH aktivieren
system-view # RSA-Key erstellen public-key local create rsa -> y -> 2048 public-key local create dsa -> y -> 2048 # Authentifizierungsmethode für Ethernet-Ports auf "AAA" setzen user-interface vty 0 4 authentication-mode scheme # nur SSH erlauben protocol inbound ssh quit # Benutzer erstellen und für SSH freigeben local-user <USER_NAME> password simple <PASSWORD> service-type ssh level 3 quit # Authentifizierungstyp und -service für Benutzer auf "Passwort" setzen ssh user <USER_NAME> authentication-type password ssh user <USER_NAME> service-type stelnet
Erklärung:
User Interface VTY 0 bis 4
user-interface vty 0 4
CAUTION:
- When SSH protocol is specified, to ensure a successful login, you must configure the AAA authentication using the authentication-mode scheme command.
- The protocol inbound ssh configuration fails if you configured authentication-mode password and authentication-mode none.
When you configured SSH protocol successfully for the user interface, then you cannot configure authentication-mode password and authentication-mode none any more.
protocol inbound { all | ssh | telnet }
| Parameters all | Supports all protocols, including Telnet and SSH. |
|---|---|
| ssh | Supports only SSH. |
| telnet | Supports only Telnet. |
User Authentifizierungstyp einstellen
ssh user username authentication-type { password | rsa | password-publickey | all }
undo ssh user username authentication-type
| username | Valid SSH user name, consisting of a string from 1 to 80 characters long. |
|---|---|
| password | Specifies the authentication type as password. |
| rsa | Specifies the authentication type as RSA public key. |
| password-publickey | Specifies the authentication type as both password and RSA public key. That is, the user can pass the authentication only if both the password and RSA public key are correct. |
| all | Specifies the authentication type as either password or RSA public key. That is, the user can pass the authentication if either the password or RSA public key is correct. |
For the authentication type specified by the password-publickey keyword,
- SSHv1 client users can access the switch as long as they pass one of the two authentications.
- SSHv2 client users can access the switch only when they pass both the authentications.
By default, no authentication type is specified for new users, so they cannot access the switch.
New users must specify authentication type. Otherwise, they cannot access the switch. The new authentication type configured takes effect at the next login.
Service Typ für User einstellen
ssh user username service-type { stelnet | sftp | all }
undo ssh user username service-type
| username | Local user name or the user name defined on the remote RADIUS server, consisting of a string from 1 to 80 characters long. |
|---|---|
| stelnet | Sets the service type to Telnet. If no service type is specified, Telnet is used as the default. |
| sftp | Sets the service type to SFTP. |
| all | Includes Telnet and SFTP two services types. |
Zeit / NTP
- Uhrzeit die Uhrzeit kann man in der WebGui unter „Administration → System Time“ einstellen.
Die Zeitzone wiederum in der CLI mit dem Befehl
clock timezone GMT add 02:00:00 clock summer-time Berlin repeating 01:00:00 03/31/2015 01:00:00 10/31/2015 01:00:00 save
- NTP: Per CLI anmelden und folgende Befehle eingeben
system-view ntp-service unicast-peer <IPADRESSE_DE_NTP_PEERS> save
Port Beschreibung
- Port Beschreibungen anzeigen
display brief interface GigabitEthernet 1/0/1
- Port Beschreibungen hinzufügen
interface GigabitEthernet 1/0/1 description <TEXT>
- Port Beschreibungen löschen
interface GigabitEthernet 1/0/1 undo description
Werkszustand
Per Konsole verbinden und Switch einschalten
- CTRL+B
- 7
- Y
- 0