Configuring a remote login mode for the USG2000&5000

Configure a remote login mode for the USG2000&5000 as follows:

1. Log in to the device through SSH.
Through the configuration, users log in to the device through SSH to configure and management the device.
Note:
In hot standby networking, SSH configuration commands are not synchronized from the active device to the standby device. You must configure SSH on both devices.
Procedure:
a. Set IP addresses for interfaces.
system-view
[USG] interface GigabitEthernet 0/0/1
[USG-GigabitEthernet0/0/1] ip address 10.1.1.1 255.255.255.0
[USG-GigabitEthernet0/0/1] quit
b. Create SSH user Client001.
Configure the VTY user interface.
[USG] user-interface vty 0 4
[USG-ui-vty0-4] authentication-mode aaa
[USG-ui-vty0-4] protocol inbound ssh
[USG-ui-vty0-4] quit
Create SSH user Client001.
Create SSH user Client001 and set the authentication mode to password authentication.
[USG] ssh user client001
[USG] ssh user client001 authentication-type password
Set the password to Admin@123 for SSH user Client001.
[USG] aaa
[USG-aaa] local-user client001 password irreversible-cipher Admin@123
[USG-aaa] local-user client001 service-type ssh
[USG-aaa] quit
c. Set the service to STelnet for SSH users Client001 and Client002 and enable the STelnet service.
[USG] ssh user client001 service-type stelnet
[USG] stelnet server enable
d. Run the client software that supports SSH and establish an SSH connection.

2. Log in to the device through Telnet.
Through the configuration, users log in to the device through Telnet to configure and management the device.
Note:
Port 23 and Telnet are enabled on the USG by default. Users can run the undo telnet server enable command to disable port 23 and Telnet.
Procedure:
a. Access the USG user view through the console interface.
b. Set IP addresses for interfaces.
The local user access GigabitEthernet0/0/1 of the USG through Telnet, the interface IP address is 10.10.10.10, and subnet mask is 255.0.0.0.
system-view
[USG] interface GigabitEthernet 0/0/1
[USG-GigabitEthernet0/0/1] ip address 10.10.10.10 255.0.0.0
[USG-GigabitEthernet0/0/1] quit
c. Configure user information.
Configure the authentication mode to AAA for the VTY interface, and set the Telnet user name to user1, password to password@123, password storage mode to cipher, and level to level 3.
system-view
[USG] user-interface vty 0 4
[USG-ui-vty0-4] authentication-mode aaa
[USG-ui-vty0-4] protocol inbound telnet
[USG-ui-vty0-4] quit
[USG] aaa
[USG-aaa] local-user user1 password irreversible-cipher password@123
[USG-aaa] local-user user1 service-type telnet
[USG-aaa] local-user user1 level 3
d. Run the Telnet program on a PC (Windows). Choose Start > Run on the PC. In the Run window, enter telnet 10.10.10.10 (to connect interface IP address 10.10.10.10).
e. Click OK to connect to the USG.

Scroll to top