set authentication password cipher 4pJyS[y@’)Hj
idle-timeout 20 0
user-interface vty 0 4
#
return
[S1-ui-console0]
Parol o’rnatilganligini tekshirish uchun tizimdan chiqamiz va qayta kiramiz.
Tizimga kirishda parol so’raydi. O’zimiz o’rnatgan parolni terib tizimga
kiramiz.
[S1-ui-console0]return
quit User interface con0 is available
Please Press ENTER.
Login authentication
Password:
Welcome to the FTMN lab.
Konsol port parolini o’chirish uchun quyidagi buyruqni kiritamiz:
[S1]user-interface console 0
[S1-ui-console0]undo authentication-mode
[S1-ui-console0]quit
[S1]
Jan 20 2022 13:17:48+08:00 S1 DS/4/DATASYNC_CFGCHANGE:OID
1.3.6.1.4.1.2011.5.25.191.3.1 configurations have been
changed. The current change number is 18, the change loop
count is 0, and the maximum number of records is 4095.
Sozlama natijasini tekshirish uchun CLI dan chiqib qayta kiramiz:
[S1]quit
quit User interface con0 is available
Please Press ENTER.
Welcome to the FTMN lab.
Konsol portga parol qo’yish uchun yuqoridagi buyruqlarni kiritamiz.
[S1]user-interface console 0
[S1-ui-console0]authentication-mode password
[S1-ui-console0]set authentication password cipher huawei
[S1]quit
qu
quit User interface con0 is available
Please Press ENTER.
Login authentication
Password:
Welcome to the FTMN lab.
Konsol port parolini o’zgartirish uchun quyidagi buyruqlarni kiritamiz:
[S1]user-interface console 0
[S1-ui-console0]set authentication password cipher *******
Joriy qurilmada saqlangan fayllar ro’yxatini ko’rish uchun quyidagi buyruqni
kiritamiz:
dir
Directory of flash:/
Idx Attr Size(Byte) Date Time FileName
0 drw- - Aug 06 2015 21:26:42 src
1 drw- - Feb 02 2022 12:53:37
compatible
32,004 KB total (31,972 KB free)
Qurilma konfiguratsiya fayllarini boshqarish. Saqlangan konfiguratsiya
fayllarini ko’rish uchun quyidagi buyruqni kiritamiz:
display saved-configuration
Agar hech qanday fayl saqlanmagan bo’lsa, hech qanday ma’lumot
chiqmaydi. Joriy konfiguratsiyani saqlash uchun quyidagi buyruqni kiritamiz:
save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]
y
Info: Please input the file name ( *.cfg, *.zip )
[vrpcfg.zip]:
Jan 20 2022 13:20:41+08:00 S1 %%01CFM/4/SAVE(l)[2]:The user
chose Y when deciding whether to save the configuration to
the device.
Now saving the current configuration to the slot 0..
Save the configuration successfully.
Joriy konfiguratsiyani save buyrug’i orqali saqlashni amalga oshirsak,
konfiguratsiya qurilmada saqlanadi. Agar uni Flash xotiraga saqlamoqchi bo’lsak
unda quyidagi buyruqdan foydalanamiz:
save huawei.cfg
Are you sure to save the configuration to
flash:/huawei.cfg?[Y/N]:y
Now saving the current configuration to the slot 0.
Jan 20 2022 13:23:13+08:00 S1 %%01CFM/4/SAVE_FILE(l)[3]:When
deciding whether to save the configuration to the file
flash:/huawei.cfg, the user chose Y.
Save the configuration successfully.
Saqlangan konfiguratsiya ma’lumotlarini ko’rish uchun quyidagi buyruqni
qayta ishga tushiramiz:
display saved-configuration
#
sysname S1
#
header shell information "Welcome to the FTMN lab."
#
user-interface con 0
authentication-mode password
set authentication password cipher :+3g.z@tK>JlDGI>zbS=Tax#
idle-timeout 20 0
user-interface vty 0 4
#
return
Joriy konfiguratsiya ma’lumotlarini ko’rish uchun quyidagi buyruqni
kiritamiz:
display current-configuration
#
sysname S1
#
header shell information "Welcome to the FTMN lab."
#
user-interface con 0
authentication-mode password
set authentication password cipher :+3g.z@tK>JlDGI>zbS=Tax#
idle-timeout 20 0
user-interface vty 0 4
#
return
Flash xotiradan konfiguratsiya fayllarini o’chirish uchun quyidagi buyruqni
kiritamiz:
reset saved-configuration
Warning: The action will delete the saved configuration in
the device.
The configuration will be erased to reconfigure. Continue?
[Y/N]:
y
Flash xotiraga konfiguratsiya faylini qayta saqlamoqchi bo’lsak
yuqoridagi
buyruqni kiritamiz va joriy qurilmada saqlangan fayllarni ko’rish uchun “dir”|
buyrug’ini kiritamiz:
dir
Directory of flash:/
Idx Attr Size(Byte) Date Time FileName
0 drw- - Aug 06 2015 21:26:42 src
1 drw- - Jan 20 2022 13:13:37 compatible
2 -rw- 544 Jan 20 2022 13:25:58 vrpcfg.zip
3 -rw- 1,354 Jan 20 2022 13:26:11 huawei.cfg
Keyingi ishga tushirish uchun konfiguratsiya faylini belgilash uchun quyidagi
buyruqni kiritamiz:
startup saved-configuration huawei.cfg
Info: Succeeded in setting the configuration for booting
system.
Qayta ishga tushirish vaqtida kommutator avtomatik ravishda belgilangan
konfiguratsiya faylini yuklab oladi. Shuning uchun, qayta ishga tushirilgandan
so’ng, konfiguratsiya ma’lumotlari yo’qolmaydi.
Qurilmani qayta ishga tushirish uchun quyidagi buyruq kiritiladi:
reboot
Info: The system is now comparing the configuration, please
wait.
Warning: All the configuration will be saved to the
configuration file for the next startup:flash:/huawei.cfg,
Continue?[Y/N]:
Error: Please choose ‘YES’ or ‘NO’ first before pressing
‘Enter’. [Y/N]:
Info: If want to reboot with saving diagnostic information,
input ‘N’ and then execute ‘reboot save diagnostic-
information’.
System will reboot! Continue?[Y/N]:y
Jan 20 2022 13:88:46+08:00 S1 %%01CMD/4/REBOOT(l)[0]:The
user chose Y when deciding whether to reboot the system.
(Task=co0, Ip=**, User=**)
MAC manzilni biriktirish funksiyasini sozlash
Siz port xavfsizligini sozlashingiz va yuqori kirish xavfsizligini talab
qiladigan tarmoqlarda interfeys o’rganishi mumkin bo’lgan maksimal xavfsiz MAC
manzillarini o’rnatishingiz mumkin. Port xavfsizligi kommutatorga interfeys orqali
o’rganilgan MAC manzillarini xavfsiz MAC manzillariga o’girish va o’rganilgan
MAC manzillarining maksimal soniga erishilgandan so’ng yangi MAC manzillarini
o’rganishni to’xtatish imkonini beradi. Port xavfsizligi yoqilgandan so’ng,
Switch
faqat ma’lum MAC manzillari bo’lgan qurilmalar bilan bog’lana oladi.
Himoyalangan MAC manzillar soni chegaraga yetgandan keyin interfeys mavjud
bo’lmagan manba MAC manziliga ega paketlarni qabul qilsa, Switch paketlarni
ruxsatsiz foydalanuvchidan olingan deb hisoblaydi va interfeysda sozlangan
harakatni amalga oshiradi. Bu ishonchsiz foydalanuvchilarning ushbu interfeyslarga
kirishini oldini oladi, kommutator va tarmoq xavfsizligini oshiradi. Quyidagi jadval
port xavfsizligi bosqichlarini tavsiflaydi.
1-jadval
Do'stlaringiz bilan baham: 
