防火墙的三种连接方式
防火墙的三种连接方式
1.Telnet连接
1.在防火墙的Gigabitethernet0/0/0接口下进行配置。
interface GigabitEthernet0/0/0
undo shutdown
ip binding v*n-instance default
ip address 192.168.10.2 255.255.255.0
alias GE0/METH
service-manage ping permit
service-manage telnet permit
user-interface vty 0 4
protocol inbound all
authentication-mode password
user privilege level 3
set authentication password cipher {自己配置的密码}
2.在win10上启用telnet客户端
1)打开“启用或关闭Windows功能”
找到Telnet Client并勾选后点击确定,接着进入CMD进行访问。
2.Web管理
1.在防火墙上使用以下命令开启服务。
interface GigabitEthernet0/0/0
service-manage http permit
service-manage https permit
2.在浏览器中输入https://192.168.10.2或是HTTP://192.168.10.2,进入到Web页面,点击详细信息,转到此页面。
3.第一栏选择语言,输入用户名与密码,进入防火墙Web页面。
3.SSH管理
1.在防火墙上使用以下命令开启服务。
interface GigabitEthernet0/0/0
service-manage ssh permit
[USG6000V1]user-interface vty 0 4
[USG6000V1-ui-vty0-4]authentication-mode aaa
[USG6000V1-ui-vty0-4]user privilege level 3
[USG6000V1]ssh authentication-type default password
[USG6000V1]rsa local-key-pair create
The key name will be: USG6000V1_Host
% RSA keys defined for USG6000V1_Host already exist.
Confirm to replace them? [y/n]:y
The range of public key size is (2048 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Input the bits in the modulus[default = 2048]:
Generating keys...
..+++++
........................++
....++++
...........++
[USG6000V1]stelnet server enable
[USG6000V1]ssh user admin
[USG6000V1]ssh user admin authentication-type password
[USG6000V1]ssh user admin service-type stelnet
[USG6000V1]aaa
[USG6000V1-aaa]manager-user admin
[USG6000V1-aaa-manager-user-admin]service-type web ssh terminal
2.在SecureCRT中新建一个连接