Scribd Logo
Upload

Welcome to Scribd!

  • 81 views

    Huawei SW STD Template Configration - South REGIONAL

    Uploaded by

    Manmohan Gupta
    The document contains configuration steps for setting up SNMP, ACLs, VLANs, interfaces, and other network settings on a network device. Key steps include: 1. Configuring SNMP settings including community strings, traps, and target hosts. 2. Creating VLANs including a management VLAN and allowing it on appropriate ports. 3. Configuring interfaces including the management interface, uplink ports, and self-loop ports. Uplink ports are set as trunks while allowing only necessary VLANs.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd

    Huawei SW STD Template Configration - South REGIONAL

    Uploaded by

    Manmohan Gupta
    81 views6 pages
    The document contains configuration steps for setting up SNMP, ACLs, VLANs, interfaces, and other network settings on a network device. Key steps include: 1. Configuring SNMP settings including community strings, traps, and target hosts. 2. Creating VLANs including a management VLAN and allowing it on appropriate ports. 3. Configuring interfaces including the management interface, uplink ports, and self-loop ports. Uplink ports are set as trunks while allowing only necessary VLANs.

    Original Title

    Huawei Sw STD Template Configration_South REGIONAL

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document contains configuration steps for setting up SNMP, ACLs, VLANs, interfaces, and other network settings on a network device. Key steps include: 1. Configuring SNMP settings including community strings, traps, and target hosts. 2. Creating VLANs including a management VLAN and allowing it on appropriate ports. 3. Configuring interfaces including the management interface, uplink ports, and self-loop ports. Uplink ports are set as trunks while allowing only necessary VLANs.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    81 views6 pages

    Huawei SW STD Template Configration - South REGIONAL

    Uploaded by

    Manmohan Gupta
    The document contains configuration steps for setting up SNMP, ACLs, VLANs, interfaces, and other network settings on a network device. Key steps include: 1. Configuring SNMP settings including community strings, traps, and target hosts. 2. Creating VLANs including a management VLAN and allowing it on appropriate ports. 3. Configuring interfaces including the management interface, uplink ports, and self-loop ports. Uplink ports are set as trunks while allowing only necessary VLANs.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    of 6

    Setp 1:

    ************

    error-down auto-recovery cause bpdu-protection interval 30


    error-down auto-recovery cause mac-address-flapping interval 30
    error-down auto-recovery cause link-flap interval 30

    clock timezone GST add 5:30

    set save-configuration interval 1440


    undo info-center source default channel 2
    info-center loghost 100.67.39.82
    lldp enable
    dldp enable

    acl number 2005


    rule permit source 100.70.2.10 0.0.0.0
    rule permit source 100.70.2.12 0.0.0.0

    acl number 2020


    rule permit source 202.144.0.0 0.0.0.255
    rule permit source 119.227.3.0 0.0.0.255
    rule permit source 119.227.2.0 0.0.0.255
    rule permit source 119.227.1.0 0.0.0.255
    rule permit source 210.210.115.0 0.0.0.255
    rule permit source 1.7.0.0 0.0.0.255
    rule permit source 124.7.221.20 0.0.0.0
    rule permit source 100.70.42.0 0.0.0.31
    rule permit source 100.70.42.32 0.0.0.31
    q

    acl number 2036


    rule permit source 124.7.221.20 0.0.0.0
    rule permit source 202.144.77.204 0.0.0.0
    q

    acl number 2000


    rule permit source 100.65.235.160 0.0.0.31
    rule permit source 100.65.235.192 0.0.0.31
    rule permit source 100.70.42.0 0.0.0.31
    rule permit source 100.70.42.32 0.0.0.31
    q

    acl number 2075


    rule permit source 202.191.140.246 0
    rule permit source 202.191.140.244 0
    rule permit source 223.30.77.96 0.0.0.31

    acl number 2075


    rule permit source 202.144.0.0 0.0.0.255
    rule permit source 119.227.3.0 0.0.0.255
    rule permit source 119.227.2.0 0.0.0.255
    rule permit source 119.227.1.0 0.0.0.255
    rule permit source 210.210.115.0 0.0.0.255
    rule permit source 221.135.94.0 0.0.1.255
    rule permit source 100.70.42.0 0.0.0.31
    rule permit source 100.70.42.32 0.0.0.31
    q

    acl number 2075


    rule permit source 124.7.4.56 0.0.0.7
    rule permit source 124.7.7.152 0.0.0.15
    rule permit source 124.7.25.0 0.0.0.255
    rule permit source 124.7.70.232 0.0.0.7
    rule permit source 124.7.141.224 0.0.0.31
    rule permit source 124.7.157.0 0.0.0.255
    rule permit source 124.7.174.0 0.0.0.255
    rule permit source 124.7.224.0 0.0.0.255
    rule permit source 124.7.226.0 0.0.0.255
    rule permit source 124.7.244.0 0.0.0.63
    rule permit source 202.144.18.0 0.0.0.255
    rule permit source 210.18.10.128 0.0.0.31
    rule permit source 210.18.14.200 0.0.0.15
    rule permit source 210.210.0.0 0.0.127.255
    rule permit source 210.214.27.0 0.0.0.255
    rule permit source 210.214.45.0 0.0.0.255
    rule permit source 210.214.142.0 0.0.0.255
    rule permit source 210.214.173.0 0.0.0.63
    rule permit source 210.214.186.0 0.0.0.255
    rule permit source 210.214.229.0 0.0.0.255
    rule permit source 221.134.25.0 0.0.0.255
    rule permit source 221.134.44.0 0.0.0.31
    rule permit source 221.134.55.160 0.0.0.31
    rule permit source 221.134.134.0 0.0.0.31
    rule permit source 221.134.160.96 0.0.0.7
    rule permit source 221.134.172.0 0.0.0.127
    rule permit source 221.134.172.136 0.0.0.7
    rule permit source 221.135.80.0 0.0.0.127
    rule permit source 221.135.105.0 0.0.0.255
    rule permit source 221.135.107.0 0.0.0.255
    rule permit source 221.135.104.0 0.0.0.255
    rule permit source 210.210.124.0 0.0.0.255
    rule permit source 100.70.42.0 0.0.0.31
    rule permit source 100.70.42.32 0.0.0.31
    q

    acl number 2075


    rule permit source 124.7.25.0 0.0.0.31
    rule permit source 124.7.70.232 0.0.0.7
    rule permit source 124.7.141.224 0.0.0.31
    rule permit source 124.7.157.0 0.0.0.63
    rule permit source 124.7.224.0 0.0.0.127
    rule permit source 124.7.224.128 0.0.0.127
    rule permit source 124.7.226.192 0.0.0.15
    rule permit source 202.144.18.144 0.0.0.7
    rule permit source 202.144.18.160 0.0.0.15
    rule permit source 210.18.10.128 0.0.0.31
    rule permit source 210.210.0.0 0.0.127.255
    rule permit source 210.214.142.0 0.0.0.255
    rule permit source 210.214.173.0 0.0.0.63
    rule permit source 210.214.186.0 0.0.0.255
    rule permit source 210.214.229.0 0.0.0.127
    rule permit source 210.214.229.128 0.0.0.127
    rule permit source 221.134.25.0 0.0.0.127
    rule permit source 221.134.25.128 0.0.0.127
    rule permit source 221.134.55.160 0.0.0.31
    rule permit source 221.134.172.0 0.0.0.255
    rule permit source 221.135.105.0 0.0.0.255
    rule permit source 221.135.107.0 0.0.0.255
    rule permit source 210.214.170.0 0.0.0.255
    #
    #
    set save-configuration interval 1440
    #
    undo http server enable
    y
    undo http secure-server enable
    y
    #
    ntp-service access peer 2005
    ntp-service unicast-server 100.70.2.10
    ntp-service unicast-server 100.70.2.12
    #

    snmp-agent
    snmp-agent local-engineid 800007DB034C1FCC44F1BD
    y
    snmp-agent community read cipher S1LR0snmp acl 2000
    snmp-agent sys-info version v2c v3
    snmp-agent trap enable feature-name MSTP trap-name hwMstpiPortBpduGuarded
    snmp-agent trap enable feature-name MSTP trap-name hwMstpiPortRootGuarded
    snmp-agent trap enable feature-name MSTP trap-name hwMstpiPortLoopGuarded
    snmp-agent trap enable feature-name MSTP trap-name topologyChange
    snmp-agent trap enable feature-name IFNET trap-name linkDown
    snmp-agent trap enable feature-name IFNET trap-name linkUp
    snmp-agent trap enable feature-name SNMP trap-name authenticationFailure
    snmp-agent trap enable feature-name system trap-name hwpatcherrortrap
    snmp-agent trap enable feature-name system trap-name hwsysreloadnotification
    snmp-agent trap enable feature-name system trap-name hwsysimageerrornotification
    snmp-agent trap enable feature-name error-down trap-name hwerrordown
    snmp-agent trap enable feature-name error-down trap-name hwerrordownrecovery
    snmp-agent trap enable feature-name snmp trap-name coldstart
    snmp-agent trap enable feature-name line trap-name hwvtynumexceed
    snmp-agent trap enable feature-name datasync trap-name hwcfgchgnotify
    snmp-agent target-host trap address udp-domain 100.65.235.180 params securityname
    S1LR0snmp v2c
    #
    header login information "
    +---------------------------------------------------------------+
    | This system is for the use of authorized users only. |
    |Individuals using this system without authority or in excess |
    |of their authority are subject to having all of the activities |
    |on this system monitored and recorded by system personnel. |
    +---------------------------------------------------------------+
    NACL_CCE_SW

    "
    #
    #
    quit
    #
    save
    y

    =====================================
    Setp 2:
    *****************

    Kindly put the configration


    ----------------------------------

    user-interface maximum-vty 15
    user-interface con 0
    authentication-mode password
    set authentication password cipher sify@123
    user privilege level 15
    telnet server enable
    user-interface vty 0 14
    protocol inbound telnet
    authentication-mode password
    set authentication password cipher sify@123
    user privilege level 15

    Setp 3:
    **************
    Sysname GJ-AMD-IC1-C3-ST-CCE-U572-S01

    setp 4:
    ***************
    vl creation for MGMT in SW

    vl 639
    des VEL-AB-SWITCH-MGMT-639

    setp5:
    *******************

    interface Vlanif639
    description VEL-AB-SWITCH-MGMT-639
    ip address 100.X.X.X 255.255.255.128

    setp6:
    ****************
    ip route-static 0.0.0.0 0.0.0.0 GATEWAYIP

    setp7:
    ****************
    kindly check Mgmt vlan allowed uplink port

    setp8:
    ****************
    UPlink Interface configration

    Fiber uplink interface:


    ----------------------
    interface GigabitEthernet0/0/25
    undo negotiation auto
    des XXXXX
    set flow-stat interval 30
    port link-type trunk
    undo port trunk allow-pass vlan 1
    port trunk allow-pass vlan 639
    stp bpdu-filter enable
    stp edged-port enable
    storm-control broadcast min-rate 297 max-rate 446
    storm-control interval 30
    storm-control action block
    storm-control enable trap
    storm-control enable log

    RF UPLINK Interface
    --------------------
    interface GigabitEthernet0/0/1

    undo negotiation auto


    speed 100
    description X.X.X.X
    set flow-stat interval 30
    port link-type trunk
    port trunk pvid vlan 701
    undo port trunk allow-pass vlan 1
    port trunk allow-pass vlan 701 639
    stp bpdu-filter enable
    stp edged-port enable

    SELF-LOOP
    ***************
    interface GigabitEthernet0/0/7
    undo negotiation auto
    description XCNTSELF_UL8T_ABS_01_Gi0/0/4_[C-TAG]
    set flow-stat interval 30
    port link-type trunk
    undo port trunk allow-pass vlan 1
    stp bpdu-filter enable
    stp edged-port enable
    #
    interface GigabitEthernet0/0/8
    undo negotiation auto
    description XCNTSELF_UL8T_ABS_01_Gi0/0/3_[S-TAG]
    set flow-stat interval 30
    port link-type hybrid
    qinq vlan-translation enable
    undo port hybrid vlan 1
    port hybrid untagged vlan 50 51
    stp bpdu-filter enable
    stp edged-port enable
    #

    ================================
    HW:S5735-L8T4S-A1
    ****************************
    snmp-agent
    snmp-agent local-engineid 800007DB034C1FCC44F1BD
    snmp-agent community read cipher %^%#E/"x7KQApJgqCV8\>7LKtc<nHM$lYUFa`@%&!
    <AB.9X&Wd!;=;!3}i(*>ut=Q3cI,&WlvVvrNJ*HO1HJ%^%# acl 2000
    snmp-agent sys-info version v2c v3
    snmp-agent target-host trap address udp-domain 100.65.235.180 params securityname
    cipher %^%#+hmlP5U"P:NXUPK(tB^Keg(OPrancKR[7G6K5ADQ%^%# v2c
    snmp-agent trap enable feature-name MSTP trap-name hwMstpiPortBpduGuarded
    snmp-agent trap enable feature-name MSTP trap-name hwMstpiPortRootGuarded
    snmp-agent trap enable feature-name MSTP trap-name hwMstpiPortLoopGuarded
    snmp-agent trap enable feature-name MSTP trap-name topologyChange
    snmp-agent trap enable feature-name IFNET trap-name linkDown
    snmp-agent trap enable feature-name IFNET trap-name linkUp
    snmp-agent trap enable feature-name LINE trap-name hwVtyNumExceed
    snmp-agent trap enable feature-name SYSTEM trap-name hwSysReloadNotification
    snmp-agent trap enable feature-name SYSTEM trap-name hwPatchErrorTrap
    snmp-agent trap enable feature-name SNMP trap-name authenticationFailure
    snmp-agent protocol source-status all-interface
    snmp-agent protocol source-status ipv6 all-interface
    #
    stelnet server enable
    ssh server-source all-interface
    ssh server cipher aes256_ctr aes128_ctr
    ssh server hmac sha2_256
    ssh server key-exchange dh_group16_sha512 dh_group15_sha512 dh_group14_sha256
    dh_group_exchange_sha256
    ssh client cipher aes256_ctr aes128_ctr
    ssh client hmac sha2_256
    ssh client key-exchange dh_group16_sha512 dh_group15_sha512 dh_group14_sha256
    dh_group_exchange_sha256
    ssh server dh-exchange min-len 2048
    #

    Setp 1:
    *****************

    Kindly put the configration


    ----------------------------------
    user-interface maximum-vty 15
    user-interface con 0
    authentication-mode password
    set authentication password cipher sify@123
    user privilege level 15
    telnet server enable
    user-interface vty 0 14
    protocol inbound telnet
    authentication-mode password
    set authentication password cipher sify@123
    user privilege level 15
    q
    telnet server-source all-interface

    You might also like