华为USG6000V1防火墙AAA配置

在华为USG6000V1防火墙上配置AAA(认证、授权、计费)涉及多个步骤,以下是基本的配置指南:

1. 登录防火墙

通过SSH或Console线登录防火墙。

2. 进入系统视图

system-view

3. 配置本地用户

进入AAA创建本地用户并设置密码:

[USG6000V1]aaa
[USG6000V1-aaa]ma
[USG6000V1-aaa]manager-user zxb
[USG6000V1-aaa-manager-user-zxb]dis th
2025-03-22 02:03:04.750 
#
 manager-user zxb
  password cipher @%@%AJZyMNPgP@pT0{6IQ2#I4TBXT~kX+J5[$/XQ&QRJP^_0TB[4@%@%
  service-type web terminal telnet ssh
  level 15

#
return
[USG6000V1-aaa-manager-user-zxb]
华为USG6000V1防火墙AAA配置
华为USG6000V1防火墙AAA配置

4. 进入用户虚拟链接配置

[USG6000V1]user-interface vty 0 4
[USG6000V1-ui-vty0-4]dis th
2025-03-22 02:04:46.230 
#
user-interface con 0
 authentication-mode aaa
user-interface vty 0 4
 authentication-mode aaa
user-interface vty 16 20
protocol inbound all
#
return
华为USG6000V1防火墙AAA配置
华为USG6000V1防火墙AAA配置

5. 进入防火墙用户interface GigabitEthernet0/0/0接口配置

华为USG6000V1防火墙AAA配置
#
interface GigabitEthernet0/0/0
undo shutdown
ip binding vpn-instance default
ip address 192.168.40.254 255.255.255.0
alias GE0/METH
service-manage http permit
service-manage https permit
service-manage ping permit
service-manage ssh permit
service-manage snmp permit
service-manage telnet permit
#
华为USG6000V1防火墙AAA配置
华为USG6000V1防火墙AAA配置

6.验证配置

telnet 192.168.40.254 测试如下图:

华为USG6000V1

登录web测试

华为USG6000V1防火墙AAA配置
华为USG6000V1防火墙AAA配置
华为USG6000V1防火墙AAA配置

华为 VRP8配置命令如何设置立即生效:https://www.hao0564.com/5034.html

留下评论

您的邮箱地址不会被公开。 必填项已用 * 标注