How to forbid HTTP access on an interface of an AR router

26

Configure ACL rules on an interface of an AR router to forbid HTTP access.

Other related questions:
How to enable the web function on an AR router
The methods of enabling the web function on an AR router are as follows: Method 1: Default web login 1. Connect a PC to the router over the management interface through a network cable. 2. Configure an IP address for the PC. Configurable network segment: 192.168.1.2~192.168.1.254. 3. Open a browser, enter the URL "https://192.168.1.1" in the address bar, and click Enter to enter the user login page. 4. Enter login information. 5. Configure the router through the web NMS page. Note: If you cannot enter the web NMS page, the software version you use does not support the default web login method. Please try the following method: Method 2: Non-default web login 1. Connect a PC to the router over the CON/AUX interface through a console configuration cable. 2. Enable the terminal emulation software on the PC, create a connection, and set an interface for the connection and other communication parameters. 3. Press Enter until the following information is displayed to remind users of configuring a verification code. 4. Connect a PC to the router over the management interface through a network cable. 5. Configure an IP address for the router for management. 6. Enable the web service. 7. Configure an HTTPS user and a user level. 8. Configure an IP address for the PC. 9. Open a browser, enter the URL "https://192.168.1.1" in the address bar, and click Enter to enter the user login page. 10. Configure the router through the web NMS page.

How to disable the web function on an AR router
How to disable the web function on an AR router? For routers that support web NMS, disable the HTTP server on the routers to disable the web function. Specific method is as follows: [Huawei] undo http server enable //Disable the HTTP service. [Huawei] undo http secure-server enable //Disable the HTTPS service.

How to forbid intra-VLAN access
Intra-VLAN access can be forbidden on an AR router using intra-VLAN Layer 2 isolation technologies, for example, interface isolation, MUX VLAN, and MQC-based intra-VLAN Layer 2 isolation.

Does the AR support the web
Starting from V200R002C01, the AR supports the web platform. You can use the web platform to manage and maintain AR routers on the GUI. V200R005C20SPC200 is recommended. For details, see Access Router Product Information Center.

Incomplete web page menu on an AR router
The problem is caused due to insufficient user permissions: The default level of web users is 0, which indicates that the users can only use network diagnosis commands (ping and Tracert) or query basic information. You can improve user permissions using command lines or through the web NMS. 1. Command lines: Configure a user level in the AAA view. [Huawei] aaa [Huawei-aaa] local-user huawei password irreversible-cipher Huawei@123 [Huawei-aaa] local-user huawei service-type http //An account with the login mode containing the HTTP type has the web login permission. [Huawei-aaa] local-user huawei privilege level 15 //Change the user permission to the administrator level. [Huawei-aaa] quit [Huawei] quit In the user view, run the save command to save the configuration, and re-log in to a web page for verification. 2. Web NMS: Log in to the web NMS using the super administrator account, and choose Web-based Configuration > User Management > User Management to change the user permission.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top