• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

求各位大佬看下华为改华三配置是否正确

  • 0关注
  • 1收藏,1862浏览
粉丝:0人 关注:7人

问题描述:

华为设备替换华三设备需变更配置;求大佬检查一遍;

组网及组网描述:


4 个回答
粉丝:167人 关注:1人

配置呢

回复zhiliao_juDMG:

都支持的,没啥特别的

叫我靓仔 发表时间:2022-07-18 更多>>

文件为什么上传不上去呢,好奇怪

zhiliao_juDMG 发表时间:2022-07-18
回复zhiliao_juDMG:

附件形式上传,或者直接复制黏贴

叫我靓仔 发表时间:2022-07-18

<HEB-SDN-C2-A20-PE01>dis current-configuration sysname HEB-SDN-C2-A20-PE01 # undo ftp server source all-interface undo ftp ipv6 server source all-interface # info-center loghost source LoopBack0 //需要核实(命令支持) info-center loghost 10.33.2.158 port 5044 facility local5 info-center loghost 10.11.1.3 facility local3 info-center loghost 10.11.1.6 # system resource standard # device board 1 board-type CE6857-48S6CQ-EI # drop-profile default # dcb pfc # dcb ets-profile default # ntp server source-interface all disable ntp ipv6 server source-interface all disable # vlan reserved 4060 # vlan reserved for main-interface 4000 to 4050 # vlan batch 2 4091 to 4094 # stp disable # evpn-overlay enable # router id 10.2.0.46 # telnet server disable telnet ipv6 server disable undo telnet server-source all-interface undo telnet ipv6 server-source all-interface # diffserv domain default # ip vpn-instance HDM # bfd # mpls lsr-id 10.2.0.46 # mpls label advertise non-null mpls # traffic classifier test type or if-match any # traffic behavior test statistics enable car cir 10000 kbps # traffic policy test # aaa undo local-user policy security-enhance local-user ceni_heb password irreversible-cipher ceni_heb@2019 //重新添加 local-user ceni_heb service-type ssh local-user ceni_heb level 3 local-user ceni_sftp password irreversible-cipher $1c$}D7T;5(DMJ$;<!ASN$3@S.'cu*U6,9AbxJO*RJFm'xTYWSIpL'F$ local-user ceni_sftp service-type ssh local-user ceni_sftp level 3 local-user nms_admin password irreversible-cipher $1c$8N~nHYHbUA$F2ug!ftaR<D.qy3=1p#V}*2d>-RO\$qQA}W~rE#H$ local-user nms_admin service-type ssh local-user nms_admin level 3 # authentication-scheme default # authorization-scheme default # accounting-scheme default # domain default # domain default_admin # stack # license # isis 10 is-level level-2 cost-style wide timer lsp-generation 1 50 50 level-2 flash-flood level-2 bfd all-interfaces enable bfd all-interfaces min-tx-interval 100 min-rx-interval 100 frr-binding network-entity 49.0001.0100.0200.0045.00 is-name HEB-SDN-C2-A20-PE01 timer spf 1 50 50 set-overload on-startup send-sa-bit 120 allow external frr loop-free-alternate level-2 # interface Vlanif4091 description manager ip address 10.1.4.97 255.255.255.240 # interface Vlanif4092 description control ip address 10.2.1.97 255.255.255.240 # interface Vlanif4093 description data ip address 10.3.3.97 255.255.255.240 # interface Vlanif4094 description Internet ip address 10.4.1.97 255.255.255.240 # interface MEth0/0/0 # interface 10GE1/0/1 undo portswitch description to HEB-SDN-C2-A20-VXLAN.SW-S6860-10GE1/0/25 # interface 10GE1/0/1.4091 description to Manage ip address 10.1.8.161 255.255.255.224 isis enable 10 isis silent //需要核实(命令支持) # vlan-type dot1q vid 4091 //需要核实(不需要,删除) # interface 10GE1/0/1.4092 description to HDM ip binding vpn-instance HDM //需要核实(命令支持) ip address 10.2.5.161 255.255.255.224 # vlan-type dot1q vid 4092 //需要核实(不需要,删除) # interface 10GE1/0/2 description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4091 to 4094 device transceiver 10GBASE-FIBER # interface 10GE1/0/3 description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/2 shutdown device transceiver 10GBASE-FIBER # interface 10GE1/0/4 description to HEB-SDN-C2-A20-FW01-GE1/0/0 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 4091 device transceiver 1000BASE-X # interface 10GE1/0/5 device transceiver 10GBASE-FIBER # interface 10GE1/0/6 device transceiver 10GBASE-FIBER # interface 10GE1/0/7 device transceiver 10GBASE-FIBER # interface 10GE1/0/8 device transceiver 10GBASE-FIBER # interface 10GE1/0/9 device transceiver 10GBASE-FIBER # interface 10GE1/0/10 device transceiver 10GBASE-FIBER # interface 10GE1/0/11 device transceiver 10GBASE-FIBER # interface 10GE1/0/12 device transceiver 10GBASE-FIBER # interface 10GE1/0/13 device transceiver 10GBASE-FIBER # interface 10GE1/0/14 device transceiver 10GBASE-FIBER # interface 10GE1/0/15 device transceiver 10GBASE-FIBER # interface 10GE1/0/16 device transceiver 10GBASE-FIBER # interface 10GE1/0/17 # interface 10GE1/0/18 device transceiver 10GBASE-FIBER # interface 10GE1/0/19 device transceiver 10GBASE-FIBER # interface 10GE1/0/20 # interface 10GE1/0/21 # interface 10GE1/0/22 # interface 10GE1/0/23 # interface 10GE1/0/24 # interface 10GE1/0/25 # interface 10GE1/0/26 # interface 10GE1/0/27 # interface 10GE1/0/28 # interface 10GE1/0/29 # interface 10GE1/0/30 # interface 10GE1/0/31 # interface 10GE1/0/32 # interface 10GE1/0/33 # interface 10GE1/0/34 # interface 10GE1/0/35 # interface 10GE1/0/36 # interface 10GE1/0/37 # interface 10GE1/0/38 # interface 10GE1/0/39 # interface 10GE1/0/40 # interface 10GE1/0/41 # interface 10GE1/0/42 loopback internal # interface 10GE1/0/43 undo portswitch statistics enable loopback internal # interface 10GE1/0/44 loopback internal # interface 10GE1/0/45 undo portswitch loopback internal # interface 10GE1/0/46 # interface 10GE1/0/47 # interface 10GE1/0/48 # interface 100GE1/0/1 undo portswitch mtu 9000 description TO HEB-SDN-C2-A20-P01_HGE1/0/1 ip address 10.5.0.114 255.255.255.252 isis enable 10 isis circuit-type p2p isis circuit-level level-2 isis authentication-mode md5 cipher //重新添加 isis small-hello device transceiver 100GBASE-FIBER isis bfd enable //需要核实(命令支持) mpls //需要核实(命令支持) # mpls te enable //需要核实(不支持,删除) # ip mtu 9000 //需要核实(删除,同mtu 9000) ipv6 mtu 9000 //需要核实(命令支持) # bfd min-transmit-interval 100 //需要核实(不支持,删除,ISIS进程内已经开启所有接口BFD功能) # bfd min-receive-interval 100 //需要核实(不支持,删除) # bfd detect-multiplier 3 //需要核实(不支持,删除) # interface 100GE1/0/2 # interface 100GE1/0/3 # interface 100GE1/0/4 # interface 100GE1/0/5 # interface 100GE1/0/6 # interface LoopBack0 description for_Management ip address 10.2.0.45 255.255.255.255 isis enable 10 # interface LoopBack1 description for_Service ip address 10.2.0.46 255.255.255.255 isis enable 10 # isis prefix-sid index 19942 no-php //需要核实(不支持,删除) # bgp 137749 # non-stop-routing //需要核实(不支持,删除) router-id 10.2.0.46 group RR internal peer RR connect-interface LoopBack1 peer RR password cipher //需要重配 peer 10.1.0.2 as-number 137749 peer 10.1.0.2 group RR peer 10.1.0.6 as-number 137749 peer 10.1.0.6 group RR # ipv4-family unicast peer RR enable peer 10.1.0.2 enable peer 10.1.0.2 group RR peer 10.1.0.6 enable peer 10.1.0.6 group RR # l2vpn-family evpn peer RR enable peer RR advertise-community peer RR next-hop-local //需要核实(命令支持) peer RR advertise encap-type mpls //需要核实(命令支持) peer 10.1.0.2 enable peer 10.1.0.2 group RR peer 10.1.0.6 enable peer 10.1.0.6 group RR # #segment-routing //需要核实(不支持,删除) # snmp-agent community read ceni_public snmp-agent sys-info version all snmp-agent group v3 admin_123 privacy snmp-agent group v3 ceni_public privacy snmp-agent group v3 snmpv3 write-view ViewDefault snmp-agent group v3 terra-monitor-group privacy snmp-agent target-host trap address udp-domain 10.11.1.6 params securityname admin_123 v3 privacy snmp-agent target-host trap address udp-domain 10.11.1.5 params securityname ceni_public snmp-agent target-host trap address udp-domain 192.168.11.253 params securityname ceni_public snmp-agent target-host trap address udp-domain 10.33.2.158 udp-port 60162 params securityname public v2c snmp-agent target-host trap address udp-domain 10.255.1.34 udp-port 9317 params securityname admin_123 v3 privacy snmp-agent usm-user v3 admin_123 admin_123 simple authentication-mode md5 cipher 123_admin snmp-agent usm-user v3 admin_123 privacy-mode des56 cipher 123_admin snmp-agent usm-user v3 ceni_public ceni_public authentication-mode md5 *** snmp-agent usm-user v3 terra-monitor terra-monitor authentication-mode sha *** privacy-mode des56 *** snmp-agent trap enable feature-name arp snmp-agent trap enable feature-name l2vpn snmp-agent trap enable feature-nam radius snmp-agent trap enable feature-name bfd snmp-agent trap enable feature-name bgp snmp-agent trap enable feature-name configuration snmp-agent trap enable feature-name isis snmp-agent trap enable feature-name l3vpn snmp-agent trap enable feature-name ldp snmp-agent trap enable feature-name system snmp-agent trap source LoopBack0 # undo snmp-agent proxy protocol source-status all-interface undo snmp-agent proxy protocol source-status ipv6 all-interface # lldp enable # ssh server enable stelnet server enable sftp server enable snetconf server enable ssh user ceni_sftp ssh user ceni_sftp authentication-type password ssh user ceni_sftp service-type sftp ssh user ceni_sftp sftp-directory flash:/ ssh user ceni_heb ssh user ceni_heb authentication-type password ssh user ceni_heb service-type snetconf stelnet ssh user nms_admin ssh user nms_admin authentication-type password ssh user nms_admin service-type all ssh user nms_admin sftp-directory flash:/ ssh server-source all-interface ssh ipv6 server-source all-interface ssh authorization-type default aaa # //ssh server cipher aes256_ctr aes128_ctr //ssh server hmac sha2_256_96 sha2_256 sha1_96 //ssh server key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep # //ssh server publickey dsa ecc rsa # //ssh server dh-exchange min-len 2048 # ssh client first-time enable ssh client peer 10.1.0.21 assign ecc-key 10.1.0.21 ssh client peer 172.5.0.41 assign ecc-key 172.5.0.41 # ssh client publickey dsa ecc rsa # ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_cbc aes128_cbc 3des_cbc ssh client hmac sha2_512 sha2_256_96 sha2_256 sha1 sha1_96 md5 md5_96 ssh client key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 dh_group1_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep # ping mac enable # user-interface con 0 authentication-mode password set authentication password cipher $1c$K],M:7$/O"$[r(k3vImnHxJPh84'KR*WK.H,srvz%5NY|#>vAYS$ # user-interface vty 0 4 authentication-mode aaa protocol inbound ssh # vm-manager # http # return

zhiliao_juDMG 发表时间:2022-07-18
回复zhiliao_juDMG:

都支持的,没啥特别的

叫我靓仔 发表时间:2022-07-18
粉丝:8人 关注:0人

麻烦给下具体的配置

zhiliao_juDMG 知了小白
粉丝:0人 关注:7人

<HEB-SDN-C2-A20-PE01>dis current-configuration

sysname HEB-SDN-C2-A20-PE01

#

undo ftp server source all-interface

undo ftp ipv6 server source all-interface

#

info-center loghost source LoopBack0
//需要核实(命令支持)
info-center loghost 10.33.2.158 port 5044  facility local5 

info-center loghost 10.11.1.3 facility local3

info-center loghost 10.11.1.6

#

system resource standard

#

device board 1 board-type CE6857-48S6CQ-EI

#

drop-profile default

#

dcb pfc

#

dcb ets-profile default

#

ntp server source-interface all disable

ntp ipv6 server source-interface all disable

#

vlan reserved 4060

#

vlan reserved for main-interface 4000 to 4050

#

vlan batch 2 4091 to 4094

#

stp disable

#

evpn-overlay enable

#

router id 10.2.0.46

#

telnet server disable

telnet ipv6 server disable

undo telnet server-source all-interface

undo telnet ipv6 server-source all-interface

#

diffserv domain default

#

ip vpn-instance HDM

#

bfd

#

mpls lsr-id 10.2.0.46

#

mpls

 label advertise non-null   

 mpls  

#

traffic classifier test type or

 if-match any

#

traffic behavior test

 statistics enable

 car cir 10000 kbps

#

traffic policy test

#

aaa

 undo local-user policy security-enhance

 local-user ceni_heb password irreversible-cipher ceni_heb@2019      //重新添加

 local-user ceni_heb service-type ssh

 local-user ceni_heb level 3

 local-user ceni_sftp password irreversible-cipher $1c$}D7T;5(DMJ$;<!ASN$3@S.'cu*U6,9AbxJO*RJFm'xTYWSIpL'F$

 local-user ceni_sftp service-type ssh

 local-user ceni_sftp level 3

 local-user nms_admin password irreversible-cipher $1c$8N~nHYHbUA$F2ug!ftaR<D.qy3=1p#V}*2d>-RO\$qQA}W~rE#H$

 local-user nms_admin service-type ssh

 local-user nms_admin level 3

 #

 authentication-scheme default

 #

 authorization-scheme default

 #

 accounting-scheme default

 #

 domain default

 #

 domain default_admin

#

stack

#

license

#

isis 10

 is-level level-2

 cost-style wide

 timer lsp-generation 1 50 50 level-2

 flash-flood level-2

 bfd all-interfaces enable

 bfd all-interfaces min-tx-interval 100 min-rx-interval 100 frr-binding

 network-entity 49.0001.0100.0200.0045.00

 is-name HEB-SDN-C2-A20-PE01

 timer spf 1 50 50

 set-overload on-startup send-sa-bit 120 allow external

 frr

  loop-free-alternate level-2

#

interface Vlanif4091

 description manager

 ip address 10.1.4.97 255.255.255.240

#

interface Vlanif4092

 description control

 ip address 10.2.1.97 255.255.255.240

#

interface Vlanif4093

 description data

 ip address 10.3.3.97 255.255.255.240

#

interface Vlanif4094

 description Internet

 ip address 10.4.1.97 255.255.255.240

#

interface MEth0/0/0

#

interface 10GE1/0/1

 undo portswitch

description to HEB-SDN-C2-A20-VXLAN.SW-S6860-10GE1/0/25

#

interface 10GE1/0/1.4091

 description to Manage

 ip address 10.1.8.161 255.255.255.224

 isis enable 10

 isis silent                                   //需要核实(命令支持)

# vlan-type dot1q vid 4091        //需要核实(不需要,删除)

#

interface 10GE1/0/1.4092

 description to HDM

 ip binding vpn-instance HDM     //需要核实(命令支持)

 ip address 10.2.5.161 255.255.255.224

# vlan-type dot1q vid 4092        //需要核实(不需要,删除)

#

interface 10GE1/0/2

 description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/1

 port link-type trunk

 undo port trunk allow-pass vlan 1

 port trunk allow-pass vlan 4091 to 4094

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/3

 description to HEB-SDN-C2-A20-SW01-Manager-10GE1/0/2

 shutdown

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/4

 description to HEB-SDN-C2-A20-FW01-GE1/0/0

 port link-type trunk

 undo port trunk allow-pass vlan 1

 port trunk allow-pass vlan 4091

 device transceiver 1000BASE-X

#

interface 10GE1/0/5

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/6

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/7

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/8

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/9

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/10

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/11

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/12

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/13

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/14

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/15

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/16

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/17

#

interface 10GE1/0/18

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/19

 device transceiver 10GBASE-FIBER

#

interface 10GE1/0/20

#

interface 10GE1/0/21

#

interface 10GE1/0/22

#

interface 10GE1/0/23

#

interface 10GE1/0/24

#

interface 10GE1/0/25

#

interface 10GE1/0/26

#

interface 10GE1/0/27

#

interface 10GE1/0/28

#

interface 10GE1/0/29

#

interface 10GE1/0/30

#

interface 10GE1/0/31

#

interface 10GE1/0/32

#

interface 10GE1/0/33

#

interface 10GE1/0/34

#

interface 10GE1/0/35

#

interface 10GE1/0/36

#

interface 10GE1/0/37

#

interface 10GE1/0/38

#

interface 10GE1/0/39

#

interface 10GE1/0/40

#

interface 10GE1/0/41

#

interface 10GE1/0/42

 loopback internal

#

interface 10GE1/0/43

 undo portswitch

 statistics enable

 loopback internal

#

interface 10GE1/0/44

 loopback internal

#

interface 10GE1/0/45

 undo portswitch

 loopback internal

#

interface 10GE1/0/46

#

interface 10GE1/0/47

#

interface 10GE1/0/48

#

interface 100GE1/0/1

 undo portswitch

 mtu 9000

 description TO HEB-SDN-C2-A20-P01_HGE1/0/1

 ip address 10.5.0.114 255.255.255.252

 isis enable 10

 isis circuit-type p2p

 isis circuit-level level-2

 isis authentication-mode md5 cipher         //重新添加

 isis small-hello

 device transceiver 100GBASE-FIBER

 isis bfd enable     //需要核实(命令支持)

 mpls  //需要核实(命令支持)
# mpls te enable //需要核实(不支持,删除)
# ip mtu 9000 //需要核实(删除,同mtu 9000)
 ipv6 mtu 9000 //需要核实(命令支持)
# bfd min-transmit-interval 100 //需要核实(不支持,删除,ISIS进程内已经开启所有接口BFD功能)
# bfd min-receive-interval 100
//需要核实(不支持,删除)
# bfd detect-multiplier 3
//需要核实(不支持,删除)
#

interface 100GE1/0/2

#

interface 100GE1/0/3

#

interface 100GE1/0/4

#

interface 100GE1/0/5

#

interface 100GE1/0/6

#

interface LoopBack0

 description for_Management

 ip address 10.2.0.45 255.255.255.255

 isis enable 10

#

interface LoopBack1

 description for_Service

 ip address 10.2.0.46 255.255.255.255

 isis enable 10

# isis prefix-sid index 19942 no-php
//需要核实(不支持,删除)
#

bgp 137749

# non-stop-routing
//需要核实(不支持,删除)
 router-id 10.2.0.46

 group RR internal

 peer RR connect-interface LoopBack1

 peer RR password cipher  
//需要重配
 peer 10.1.0.2 as-number 137749

 peer 10.1.0.2 group RR

 peer 10.1.0.6 as-number 137749

 peer 10.1.0.6 group RR

 #

 ipv4-family unicast

  peer RR enable

  peer 10.1.0.2 enable

  peer 10.1.0.2 group RR

  peer 10.1.0.6 enable

  peer 10.1.0.6 group RR

 #

 l2vpn-family evpn

  peer RR enable

  peer RR advertise-community

  peer RR next-hop-local
//需要核实(命令支持)
  peer RR advertise encap-type mpls
//需要核实(命令支持)
  peer 10.1.0.2 enable

  peer 10.1.0.2 group RR

  peer 10.1.0.6 enable

  peer 10.1.0.6 group RR

#

#segment-routing
//需要核实(不支持,删除)
#

snmp-agent community read ceni_public

snmp-agent sys-info version all

snmp-agent group v3 admin_123 privacy

snmp-agent group v3 ceni_public privacy

snmp-agent group v3 snmpv3 write-view ViewDefault

snmp-agent group v3 terra-monitor-group privacy

snmp-agent target-host trap address udp-domain 10.11.1.6 params securityname admin_123 v3 privacy

snmp-agent target-host trap address udp-domain 10.11.1.5 params securityname ceni_public

snmp-agent target-host trap address udp-domain 192.168.11.253 params securityname ceni_public

snmp-agent target-host trap address udp-domain 10.33.2.158 udp-port 60162 params securityname public v2c

snmp-agent target-host trap address udp-domain 10.255.1.34 udp-port 9317 params securityname admin_123 v3 privacy

snmp-agent usm-user v3 admin_123 admin_123 simple authentication-mode md5 cipher 123_admin

snmp-agent usm-user v3 admin_123 privacy-mode des56 cipher 123_admin

snmp-agent usm-user v3 ceni_public ceni_public authentication-mode md5 ***

snmp-agent usm-user v3 terra-monitor terra-monitor authentication-mode sha  *** privacy-mode des56 ***

snmp-agent trap enable feature-name arp

snmp-agent trap enable feature-name l2vpn

snmp-agent trap enable feature-nam radius

snmp-agent trap enable feature-name bfd

snmp-agent trap enable feature-name bgp

snmp-agent trap enable feature-name configuration

snmp-agent trap enable feature-name isis

snmp-agent trap enable feature-name l3vpn

snmp-agent trap enable feature-name ldp

snmp-agent trap enable feature-name system

snmp-agent trap source LoopBack0

#

undo snmp-agent proxy protocol source-status all-interface

undo snmp-agent proxy protocol source-status ipv6 all-interface

#

lldp enable

#

ssh server enable

stelnet server enable

sftp server enable

snetconf server enable

ssh user ceni_sftp

ssh user ceni_sftp authentication-type password

ssh user ceni_sftp service-type sftp

ssh user ceni_sftp sftp-directory flash:/

ssh user ceni_heb

ssh user ceni_heb authentication-type password

ssh user ceni_heb service-type snetconf stelnet

ssh user nms_admin

ssh user nms_admin authentication-type password

ssh user nms_admin service-type all

ssh user nms_admin sftp-directory flash:/

ssh server-source all-interface

ssh ipv6 server-source all-interface

ssh authorization-type default aaa

#

//ssh server cipher aes256_ctr aes128_ctr

//ssh server hmac sha2_256_96 sha2_256 sha1_96

//ssh server key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep

#

//ssh server publickey dsa ecc rsa

#

//ssh server dh-exchange min-len 2048

#

ssh client first-time enable

ssh client peer 10.1.0.21 assign ecc-key 10.1.0.21

ssh client peer 172.5.0.41 assign ecc-key 172.5.0.41

#

ssh client publickey dsa ecc rsa

#

ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_cbc aes128_cbc 3des_cbc

ssh client hmac sha2_512 sha2_256_96 sha2_256 sha1 sha1_96 md5 md5_96

ssh client key-exchange dh_group_exchange_sha256 dh_group_exchange_sha1 dh_group14_sha1 dh_group1_sha1 ecdh_sha2_nistp256 ecdh_sha2_nistp384 ecdh_sha2_nistp521 sm2_kep

#

ping mac enable

#

user-interface con 0

 authentication-mode password

 set authentication password cipher $1c$K],M:7$/O"$[r(k3vImnHxJPh84'KR*WK.H,srvz%5NY|#>vAYS$

#

user-interface vty 0 4

 authentication-mode aaa

 protocol inbound ssh

#

vm-manager

#

http

#

return


粉丝:103人 关注:0人

看不到配置呀

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明