H3C Campus Fixed-Port Switches CLI-Based Quick Start Configuration Guide-6W101

HomeSupportQuick StartH3C Campus Fixed-Port Switches CLI-Based Quick Start Configuration Guide-6W101
Table of Contents
Related Documents
02-Login Management Quick Start Configuration Guide

Login Management Quick Start Configuration Guide

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Copyright © 2022 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Configuring console login

Introduction

The following information uses an example to describe the basic procedure for logging in to the device through a console port.

Network configuration

Figure 1 Connecting to the console port on the device with a DB9-to-RJ45 console cable

 

Prerequisites

Before logging in to the device through a console port, make sure the following requirements are met:

·     The terminal software PuTTY or VTP is installed.

·     Make sure the console cable is supported by the device. Table 1 and Table 2 show the console cables supported by H3C devices. The available console cables vary by device model. For more information, see the installation guide for the device.

 

 

NOTE:

The pin definition for an RJ-45 connector of a serial console cable varies by device model. To avoid abnormal configuration terminal display, use a serial console cable provided by H3C, as shown in Table 2. If you use a third-party serial console cable, make sure the pin definition for an RJ-45 connector is as shown in Table 3.

 

Table 1 Connection methods and console cables

Connection method

Console cable type

Configuration terminal-side connector

Switch-side connector

Using the serial console cable for connection

DB9-to-RJ45 console cable

DB-9 female connector

RJ-45 connector

USB-to-RJ45 console cable

USB connector

RJ-45 connector

Using the mini USB console cable for connection

Mini USB console

cable

USB connector

USB mini-Type B connector

Using the micro USB console cable for connection

Micro USB console cable

USB connector

USB micro-Type B connector

 

Table 2 Pictures of console cables

Console cable

Picture

Product code

DB9-to-RJ45 console cable

04042967

USB-to-RJ45 console cable

0404A1EE

Mini USB console cable

N/A

Micro USB console cable

N/A

 

Table 3 DB9-to-RJ45 console cable signal pinout

RJ-45

Signal

DB-9

Signal

1

RTS

8

CTS

2

DTR

6

DSR

3

TXD

2

RXD

4

SG

5

SG

5

SG

5

SG

6

RXD

3

TXD

7

DSR

4

DTR

8

CTS

7

RTS

 

Procedure

1.     As shown in Figure 1, use a DB9-to-RJ45 console cable to connect the PC to the device. Then, right-click Computer, and select Properties > Device Manager > Ports to identify communications ports used on the PC. This example uses port COM1, as shown in Figure 2.

 

IMPORTANT

IMPORTANT:

Before using a USB-to-RJ45 console cable, a mini USB console cable, or a micro USB console cable to connect the device to the PC, first download and install the corresponding driver on the PC for port identification. For more information about downloading and installing drivers, see the installation guide for the device.

 

Figure 2 Identifying the communications port

 

2.     Open the terminal software on the PC to create a serial port terminal, as shown in Figure 3.

Figure 3 Creating a serial port terminal

 

3.     As shown in Figure 4, enter device name Switch, select port COM1, configure the terminal parameters as follows, and then click OK:

¡     BaudRate9600 bps.

¡     Databits—8.

¡     Stopbits—1.

¡     ParityNone.

¡     FlowControlNone.

Figure 4 Configuring terminal parameters

 

4.     Enter the system, as shown in Figure 5, which indicates that the PC is connected to the device by using the console cable successfully.

Figure 5 Connected to the device

 

Configuration files

None.

Related documentation

·     Login management configuration in the fundamentals configuration guide for the device.

·     Login management commands in the fundamentals command reference for the device.


Configuring Telnet login

Introduction

The following information uses an example to describe the basic Telnet login  procedure.

Network configuration

As shown in Figure 6, users need to log in to the device remotely to manage the device.

·     Configure Telnet login to enable users to Telnet to the device.

·     Configure Telnet user authentication so a Telnet user must provide the correct username and password at login.

·     Assign the user role network-admin to the user.

Figure 6 Network diagram

 

Prerequisites

·     Configure an IP address for the device and obtain the IP address for the Telnet server. If the device and the Telnet server are not in the same subnet, make sure the device and the Telnet server can reach each other.

·     The Command Prompt window of the Windows system can act as a Telnet client. By default, the Telnet client service is disabled in Windows 7 and later. A shown in Figure 7, to manually enable the Telnet client service, go to Select Control Panel > Programs and Features > Turn Windows features on or off, and then select Telnet Client.

Figure 7 Enable the Telnet Client service

 

Procedure

# Log in to the device through the console port. (Details not shown.)

# Enter system view and enable Telnet service.

<Sysname> system-view

[Sysname] telnet server enable

# Enable scheme authentication to use AAA to authenticate VTY login users.

[Sysname] line vty 0 63

[Sysname-line-vty0-63] authentication-mode scheme

[Sysname-line-vty0-63] quit

# Create the local user abc. Set the password to hello12345. Assign the network-admin user role to the user.

[Sysname] local-user abc

[Sysname-luser-manage-abc] password simple hello12345

[Sysname-luser-manage-abc] service-type telnet

[Sysname-luser-manage-abc] authorization-attribute user-role network-admin

[Sysname-luser-manage-abc] quit

Verifying the configuration

# Press Win+R, and enter cmd to open the Command Prompt window. Enter Telnet device management IP address, and then press Enter.

C:\Users\Administrator> telnet 192.168.3.1

# Enter the user account and press Enter. Enter the password and press Enter. The password is not displayed. Then, you are logged in to the system.

Login: abc

Password:

******************************************************************************

* Copyright (c) 2004-2019 New H3C Technologies Co., Ltd. All rights reserved.*

* Without the owner's prior written consent,                                 *

* no decompiling or reverse-engineering shall be allowed.                    *

******************************************************************************

 

<Sysname>

Configuration files

#

 telnet server enable

#

line vty 0 63

 authentication-mode scheme

#

local-user abc

 password hash $h$6$I2Sg4Llj1qVUWQZ3$JA6KkU3zfVVRg48MM92X6cVpdiqR2JF887PKi3GQMwn

XXXcsWBuz7GIeJZeeNFMmMBaV7DPkKblnb0sGT2axvg==

 service-type telnet

 authorization-attribute user-role network-admin

#

Related documentation

·     Login management configuration in the fundamentals configuration guide for the device.

·     Login management commands in the fundamentals command reference for the device.


Configuring console login with local authentication

Introduction

The following information uses an example to describe the basic procedure for logging in to the device through a console port with local authentication.

Prerequisites

Enter the CLI. For more information, see Configuring console login.

Procedure

The local authentication methods include password authentication and scheme authentication.

Password authentication

# Enter system view.

<Sysname> system-view

# Configure password authentication for AUX line 0 (console port).

[Sysname] line aux 0

[Sysname-line-aux0] authentication-mode password

# Set the password to hello12345 in plain text.

[Sysname-line-aux0] set authentication password simple hello12345

# Assign the network-admin user role to the user for the user to manage the device and access all resources.

[Sysname-line-aux0] user-role network-admin

# Return to system view.

[Sysname-line-aux0] quit

# Save the configuration.

[Sysname] save

Scheme authentication

# Enter system view.

<Sysname> system-view

# Configure scheme authentication for AUX line 0 (console port) with username/password authentication.

[Sysname] line aux 0

[Sysname-line-aux0] authentication-mode scheme

# Return to system view.

[Sysname-line-aux0] quit

# Create local user Client. Set the password to hello12345 in plain text. Assign the network-admin user role to the user for the user to manage the device and access all resources.

[Sysname] local-user Client

[Sysname-luser-manage-Client] password simple hello12345

[Sysname-luser-manage-Client] authorization-attribute user-role network-admin

# Specify the terminal service type.

[Sysname-luser-manage-Client] service-type terminal

# Return to system view.

[Sysname-luser-manage-Client] quit

# Save the configuration.

[Sysname] save

Verifying the configuration

Log in to the device after configuration:

·     For password authentication, enter password hello12345 as prompted. You are logged in to the system. The password is not displayed.

Line aux0 is available.

 

Press ENTER to get started.

Password:

******************************************************************************

* Copyright (c) 2004-2021 New H3C Technologies Co., Ltd. All rights reserved.*

* Without the owner's prior written consent,                                 *

* no decompiling or reverse-engineering shall be allowed.                    *

******************************************************************************

 

<Sysname>

 

·     For scheme authentication, enter username Client in the Login field and enter password hello12345 as prompted. You area logged in to the system. The password is not displayed.

Line aux0 is available.

 

Press ENTER to get started.

Login: Client

Password:

******************************************************************************

* Copyright (c) 2004-2021 New H3C Technologies Co., Ltd. All rights reserved.*

* Without the owner's prior written consent,                                 *

* no decompiling or reverse-engineering shall be allowed.                    *

******************************************************************************

 

<Sysname>

 

Configuration files

·     Password authentication:

#

line aux 0

 authentication-mode password

 user-role network-admin

 set authentication password hash $h$6$fHkW5VqkiATx1+QX$1c5xycW0hx3f9TJi2vMzCwUS

tFKCPNvM+M8KyCWPc1f1Q4nhm1SUDGp59LGlSHn+tsjjxpxEfA+00Y6yr00Ojg==

#

·     Scheme authentication:

#

line aux 0

 authentication-mode scheme

#

local-user Client class manage

 password hash $h$6$nz1haYkZ7nMNDuD8$61zQWor52DYHpv2KFyCdVHX/d4W9VNRPfyEEU2zyuoB

oOZ5lIS8bLYqUFSjVlBncRIA25FIiz4Js13akTZ3SXw==

 service-type terminal

 authorization-attribute user-role network-admin

#

Related documentation

·     Login management configuration in the fundamentals configuration guide for the device.

·     Login management commands in the fundamentals command reference for the device.


Recovering the password of the console port

Introduction

The following information uses examples to describe the methods to recover the password of the console port. Different methods are suitable for different scenarios as follows:

·     Method 1Used when you forget only the password of the console port but Telnet or SSH login is available.

·     Methods 2 and 3Used when all passwords are forgotten, and you cannot log in to the device. In addition, the configuration file must be saved.

·     Methods 4Used when all passwords are forgotten, and you cannot log in to the device. In addition, the configuration file does not need to be saved.

Network configuration

None.

Procedure

IMPORTANT

IMPORTANT:

As a best practice, use method 1 to recover the password of the console port. If you forget all login passwords, use other methods.

 

Method 1

To change the password of the console port after you log in to the device through Telnet or SSH:

1.     Log in to the device through Telnet or SSH.

2.     Reconfigure the password. For more information, see "Configuring console login with local authentication."

Method 2

To skip the startup configuration file to start up the device from the BootWare menu and change the password of the console port:

 

 

NOTE:

BootWare menu varies by device model. This example uses the BootWare menu of the S5130 switch series.

 

1.     Connect a configuration terminal to the console port of the device, and reboot the device.

2.     During device reboot, press Ctrl+B to enter the BootWare menu. Then, select Skip current system configuration as shown in Figure 8.

Figure 8 Entering the BootWare menu and selecting Skip current system configuration

 

3.     Select Reboot to reboot the device as shown in Figure 9.

Figure 9 Rebooting the device

 

4.     During the reboot, press Ctrl+C or Ctrl+D to skip automatic configuration as shown in Figure 10.

Figure 10 Skipping automatic configuration

 

5.     Press Enter to skip the startup configuration file to enter the CLI.

6.     View the content of the startup configuration file. The file-name argument specifies the name of the startup configuration file.

<Sysname> more startup.cfg

7.     Select all command lines in the startup configuration file, copy them, and save them to a local file in TXT format, as shown in Figure 11 and Figure 12.

Figure 11 Copying the content in the startup configuration file

 

Figure 12 Saving the content of the startup configuration file to a local file

 

8.     Modify the startup configuration file and delete the password or specify a new password, as shown in Figure 13. In this example, the new password is hello12345.

 

IMPORTANT

IMPORTANT:

The password for password authentication is configured in AUX line view. The password for scheme authentication is configured in local user view. This example modifies the password for scheme authentication.

 

Figure 13 Configuring a new password

 

9.     Enter system view.

<Sysname> system-view

10.     Copy the content in the startup configuration file and paste them to the device, as shown in Figure 14.

Figure 14 Pasting the startup configuration file at the CLI

 

11.     Save the configuration.

[Sysname] save

12.     Return to user view and reboot the device.

[Sysname] quit

<Sysname> reboot

Method 3

To skip the startup configuration file to start up the device from the BootWare menu and roll back the running configuration:

1.     Skip the startup configuration file to start up the device as described in method 2.

<Sysname> system-view

2.     Roll back the running configuration to the configuration in a configuration file, for example, startup.cfg. Then, enter N to not save the running configuration.

[Sysname] configuration replace file startup.cfg

Current configuration will be lost, save current configuration? [Y/N]:N

Now replacing the current configuration. Please wait...

Succeeded in replacing current configuration with the file startup.cfg.

3.     Reconfigure the password. For more information, see "Configuring console login with local authentication."

Method 4

To skip the startup configuration file to start up the device from the BootWare menu and save the running configuration:

device configuration to the factory defaults:

 

CAUTION

CAUTION:

The operations in this method clear all settings from the device. Make sure you fully understand the impacts of the operations on services.

 

1.     Skip the startup configuration file to start up the device as described in method 2, and save the running configuration.

<Sysname> system-view

[Sysname] save

2.     Reconfigure the password. For more information, see "Configuring console login with local authentication."

Configuration files

None.

Related documentation

·     Login management configuration in the fundamentals configuration guide for the device.

·     Configuration file management configuration in the fundamentals configuration guide for the device.

·     Login management commands in the fundamentals command reference for the device.

·     Configuration file management commands in the fundamentals command reference for the device.

 


Recovering the password for Telnet/Web login

Introduction

The following information uses an example to describe the method to use when a user forgets Telnet or Web login password.

Network configuration

None.

Procedure

When the password for Telnet login is forgotten

Log in to the device through the console port, and reconfigure the password for Telnet login. For more information, see "Configuring Telnet login."

When the password for Web login is forgotten

Log in to the device through the console port, and reconfigure the password for Web login as follows:

# Enter system view.

<Sysname> system-view

# Enter the view of the target Web user and set password to hello12345. This example uses user client.

[Sysname] local-user client

[Sysname-luser-manage-client] password simple hello12345

[Sysname-luser-manage-client] quit

# Save the configuration.

[Sysname] save

Configuration files

·     Telnet login:

For more information, see "Configuring Telnet login."

·     Web login:

#

ip http enable

#

ip https enable

#

local-user client

 password hash $h$6$I2Sg4Llj1qVUWQZ3$JA6KkU3zfVVRg48MM92X6cVpdiqR2JF887PKi3GQMwn

XXXcsWBuz7GIeJZeeNFMmMBaV7DPkKblnb0sGT2axvg==

 service-type http https

 authorization-attribute user-role network-admin

#

Related documentation

·     Login management configuration in the fundamentals configuration guide for the device.

·     Login management commands in the fundamentals command reference for the device.

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网