在华为USG6000V1防火墙上配置AAA(认证、授权、计费)涉及多个步骤,以下是基本的配置指南:
1. 登录防火墙
通过SSH或Console线登录防火墙。
2. 进入系统视图
system-view
3. 配置本地用户
进入AAA创建本地用户并设置密码:
[USG6000V1]aaa
[USG6000V1-aaa]ma
[USG6000V1-aaa]manager-user zxb
[USG6000V1-aaa-manager-user-zxb]dis th
2025-03-22 02:03:04.750
#
manager-user zxb
password cipher @%@%AJZyMNPgP@pT0{6IQ2#I4TBXT~kX+J5[$/XQ&QRJP^_0TB[4@%@%
service-type web terminal telnet ssh
level 15
#
return
[USG6000V1-aaa-manager-user-zxb]
4. 进入用户虚拟链接配置
[USG6000V1]user-interface vty 0 4
[USG6000V1-ui-vty0-4]dis th
2025-03-22 02:04:46.230
#
user-interface con 0
authentication-mode aaa
user-interface vty 0 4
authentication-mode aaa
user-interface vty 16 20
protocol inbound all
#
return
5. 进入防火墙用户interface GigabitEthernet0/0/0接口配置
#
interface GigabitEthernet0/0/0
undo shutdown
ip binding vpn-instance default
ip address 192.168.40.254 255.255.255.0
alias GE0/METH
service-manage http permit
service-manage https permit
service-manage ping permit
service-manage ssh permit
service-manage snmp permit
service-manage telnet permit
#
6.验证配置
telnet 192.168.40.254 测试如下图:
登录web测试
华为 VRP8配置命令如何设置立即生效:https://www.hao0564.com/5034.html