H3C常用配置和命令

时间:2021-11-05 05:47:47

邻居发现命令
display lldp neighbor-information list

DHCP中继配置
dhcp enable
dhcp relay server-group 1 ip x.x.x.x #x为DHCP服务器的ip地址
int vlan 30
     dhcp select relay
     dhcp relay server-select 1

在H3C交换机配置dhcp服务器时查看地址的分配情况
dis dhcp server ip-in-use pool vlan1006
dis dhcp server free-ip pool vlan1006

在H3C交换机上释放dhcp分配的地址
<H3C>reset dhcp server ip-in-use all

查看接口描述
display interface brief description

default接口
[h3c]interface GigabitEthernet 1/0/41
[h3c-GigabitEthernet1/0/41]default

全局开启802.1X
dot1x
dot1x authentication-method eap
dot1x timer quiet-period 10
dot1x timer tx-period 10
mac-authentication
mac-authentication domain 1x
radius scheme 1x
primary authentication 172.28.101.3
primary accounting 172.28.101.3
secondary authentication 172.28.101.2
secondary accounting 172.28.101.2
key authentication cipher $c$3$NAIz9CqJDECj7p7qCeuCDXbmfRIcyOtxxCDlaA==
key accounting cipher $c$3$TaTYg1NBpPoTzE97hwyZJSEnRnFiBvIpaVoOgg==
user-name-format without-domain
radius scheme system
user-name-format without-domain
domain 1x
authentication lan-access radius-scheme 1x
authorization lan-access radius-scheme 1x
accounting lan-access radius-scheme 1x

接口下开启802.1X
interface GigabitEthernet2/0/1
description 802.1x_authenration
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 1030 3000 untagged
port hybrid pvid vlan 3000
mac-vlan enable
stp edged-port
dot1x
undo dot1x handshake
dot1x mandatory-domain 1x
undo dot1x multicast-trigger
dot1x re-authenticate
dot1x unicast-trigger
dot1x guest-vlan 1030
dot1x auth-fail vlan 1030
mac-authentication
mac-authentication domain 1x
mac-authentication guest-vlan 1030
mac-authentication parallel-with-dot1x

日志管理
display logbuffer #查看日志
reset logbuffer #清除日志

查看arp
[CORE]arp max-learning-number 1024 #设置arp最大学习条目(h3c最大条目数为1024)
[CORE]dis arp all count #查看arp已使用条目
<CORE>reset arp dynamic #清除动态arp表
[CORE]dis ip routing-table summary #查看最大支持路由条目

SSH,Telnet登陆配置

user-interface vty
authentication-mode password
user privilege level
set authentication password cipher admin
local-user admin
password cipher admin
authorization-attribute level
service-type ssh telnet
service-type web
user-interface vty
authentication-mode scheme

参考链接:
      https://zhiliao.h3c.com/questions      #H3C知了社区