Mudanças entre as edições de "Switch Huawei"
De IFRS Campus Canoas
(→SSH) |
|||
| Linha 61: | Linha 61: | ||
[sys-view-Vlanif2] ipv6 enable | [sys-view-Vlanif2] ipv6 enable | ||
[sys-view-Vlanif2] ipv6 address 2804:0:24B0:XXXX::XXXX/64 | [sys-view-Vlanif2] ipv6 address 2804:0:24B0:XXXX::XXXX/64 | ||
| + | |||
| + | === Voice VLAN === | ||
| + | |||
| + | Necessário habilitar lldp geral | ||
| + | |||
| + | <HUAWEI> llpd enable | ||
| + | |||
| + | Neste exemplo, a VLAN 5 é a LAN do PC conectado no telefone IP e a VLAN 10 para Voice-VLAN | ||
| + | |||
| + | [sys-view] interface gigabitethernet 0/0/1 | ||
| + | [sys-view-GigabitEthernet0/0/1] port link-type hybrid | ||
| + | [sys-view-GigabitEthernet0/0/1] port hybrid pvid vlan 5 | ||
| + | [sys-view-GigabitEthernet0/0/1] port hybrid untagged vlan 5 | ||
| + | |||
| + | [sys-view-GigabitEthernet0/0/1] voice-vlan 10 enable | ||
| + | [sys-view-GigabitEthernet0/0/1] voice-vlan mode manual | ||
| + | [sys-view-GigabitEthernet0/0/1] port hybrid tagged vlan 10 | ||
| + | [sys-view-GigabitEthernet0/0/1] undo voice-vlan security enable | ||
| + | [sys-view-GigabitEthernet0/0/1] trust 8021p | ||
| + | [sys-view-GigabitEthernet0/0/1] lldp enable | ||
=== LOG === | === LOG === | ||
Edição das 10h41min de 11 de fevereiro de 2022
Índice
Usuário
[sys-view] aaa [sys-view-aaa] local-user admin service-type ssh http terminal
SSH
[sys-view] rsa local-key-pair create [sys-view] stelnet server enable [sys-view] ssh user admin [sys-view] ssh user admin authentication-type password [sys-view] ssh user admin service-type stelnet [sys-view] user-interface vty 0 4 [sys-view-vty] authentication-mode aaa [sys-view-vty] protocol inbound ssh
NTP
[sys-view] ntp-service server disable [sys-view] ntp-service ipv6 server disable [sys-view] ntp-service unicast-server 200.189.40.8 [sys-view] ntp-service unicast-server 200.160.0.8
Timezone
[sys-view] clock timezone Brasilia minus 03:00:00
IPv6
Habilitar configuração global de IPv6
[sys-view] ipv6
Gateway
[sys-view] ip route-static 0.0.0.0 0.0.0.0 192.168.1.1 [sys-view] ipv6 route-static :: 0 2804:0:24B0:XXXX::1
VLAN
[sys-view] vlan 2 [sys-view] name TI [sys-view-vlan2] description TI
Interface em modo de acesso
[sys-view] interface gigabitethernet 0/0/2 [sys-view-GigabitEthernet0/0/2] port link-type access [sys-view-GigabitEthernet0/0/2] port access vlan 2 [sys-view-GigabitEthernet0/0/2] port description desktop
Interface em modo trunk
[sys-view] interface gigabitethernet 0/0/24 [sys-view-GigabitEthernet0/0/24] port link-type trunk [sys-view-GigabitEthernet0/0/24] undo port trunk allow-pass vlan 1 [sys-view-GigabitEthernet1/0/24] port trunk allow-pass vlan 2 [sys-view-GigabitEthernet1/0/24] port description switch
Atribuir IP para a interface VLAN
[sys-view] interface vlanif 2 [sys-view-Vlanif2] ip address 192.168.1.XXX 255.255.255.0 [sys-view-Vlanif2] ipv6 enable [sys-view-Vlanif2] ipv6 address 2804:0:24B0:XXXX::XXXX/64
Voice VLAN
Necessário habilitar lldp geral
<HUAWEI> llpd enable
Neste exemplo, a VLAN 5 é a LAN do PC conectado no telefone IP e a VLAN 10 para Voice-VLAN
[sys-view] interface gigabitethernet 0/0/1 [sys-view-GigabitEthernet0/0/1] port link-type hybrid [sys-view-GigabitEthernet0/0/1] port hybrid pvid vlan 5 [sys-view-GigabitEthernet0/0/1] port hybrid untagged vlan 5
[sys-view-GigabitEthernet0/0/1] voice-vlan 10 enable [sys-view-GigabitEthernet0/0/1] voice-vlan mode manual [sys-view-GigabitEthernet0/0/1] port hybrid tagged vlan 10 [sys-view-GigabitEthernet0/0/1] undo voice-vlan security enable [sys-view-GigabitEthernet0/0/1] trust 8021p [sys-view-GigabitEthernet0/0/1] lldp enable
LOG
[sys-view] info-center channel 6 name graylog [sys-view] info-center source INFO channel 6 log level notification [sys-view] info-center source AAA channel 6 log level notification [sys-view] info-center source ETH channel 6 log level warning [sys-view] info-center source L2IF channel 6 log level warning [sys-view] info-center source TFTP channel 6 log level error [sys-view] info-center loghost source Vlanif25 [sys-view] info-center loghost ipv6 2804:0:24B0:XXXX::XXXX channel 6 facility local2 log-counter disable port 5514 [sys-view] info-center local log-counter disable
POE
[sys-view] poe power-management manual slot 0
Backup Auto das Configurações
[sys-view] set save-configuration interval 60 [sys-view] set save-configuration backup-to-server server 192.168.1.1 transport-type tftp
SNMP
[sys-view] snmp-agent [sys-view] snmp-agent community read cipher NOME_COMUNITY [sys-view] snmp-agent sys-info version v2c [sys-view] undo snmp-agent sys-info version v3
ACL
[sys-view] acl name acl-ssh 3999 [sys-view-acl] description Gerenciamento [sys-view-acl] rule 5 permit tcp source XXX.XXX.XXX.XXX 0 destination-port eq 22 [sys-view-acl] rule 10 permit tcp source XXX.XXX.XXX.XXX 0 destination-port eq 22
Outros
[sys-view] igmp-snooping enable [sys-view] smart-upgrade web-prompt disable
STP
[sys-view] stp mode rstp
Upgrade
Firmware
[user-view] tftp 192.168.1.1 get ARQUIVO [user-view] startup system software flash:/ARQUIVO [user-view] startup patch software flash:/ARQUIVO [user-view] reboot
Servidor Web
[sys-view] http server load ARQUIVO
