This example shows how to log in to another device by using Telnet. You can configure the user authentication mode and password to log in to another device by using Telnet.
Large numbers of devices need to be managed and maintained on a network. You cannot connect each device to a terminal. When no reachable route exists between remote devices and a terminal, you can use Telnet to log in to the remote devices from the device that you have logged in to.
As shown in Figure 1, you can use Telnet on the PC to log in to P1 but cannot directly use Telnet to log in to P2. P1 and P2 are routable. To remotely manage and configure P2, use Telnet on P1 to log in to P2.
The configuration roadmap is as follows:
To complete the configuration, you need the following data:
Host address of P2: 22.214.171.124
Authentication mode: password; password: Hello-hello
<HUAWEI> system-view [~HUAWEI] sysname P2 [*HUAWEI] commit [~P2] user-interface vty 0 4 [~P2-ui-vty0-4] authentication-mode password [~P2-ui-vty0-4] set authentication-mode password Please configure the login password (8-16) Enter Password: Confirm Password:
The password must meet the following requirements:
For example, the password "Aa123"45"" is valid, but the password "Aa 123"45"" is invalid.
The configured password is displayed in ciphertext in the configuration file.
[*P2-ui-vty0-4] commit [~P2-ui-vty0-4] quit
If an ACL is configured to access other devices by using Telnet, perform the following configurations on P2:
[~P2] acl 2000 [*P2-acl4-basic-2000] rule permit source 126.96.36.199 0 [*P2-acl4-basic-2000] quit [*P2] user-interface vty 0 4 [*P2-ui-vty0-4] acl 2000 inbound [*P2-ui-vty0-4] commit [~P2-ui-vty0-4] quit
The ACL configurations are optional.
After the configurations are complete, use Telnet on P1 to log in to P2.
<HUAWEI> system-view [~HUAWEI] sysname P1 [*HUAWEI] commit [~P1] quit <P1> telnet 188.8.131.52 Trying 184.108.40.206 Press CTRL+K to abort Connected to 220.127.116.11 Username: root Password: <P2>
P1 configuration file
# sysname P1 # interface gigabitethernet0/1/1 undo shutdown ip address 18.104.22.168 255.255.255.0 # admin return
P2 configuration file
# sysname P2 # acl number 2000 rule 5 permit source 22.214.171.124 0 # interface gigabitethernet0/1/1 undo shutdown ip address 126.96.36.199 255.255.255.0 # user-interface vty 0 4 authentication-mode password set authentication password cipher @%@%(t7h+Qu=a#pz`3Kylk1/,JXR%iy(DA!x8&+!|#b&.dEW65~.lEqGm~Np$O#2M]xJM@%@% acl 2000 inbound # return