Web password setting for the USG2000&5000 series


The default user name/password for login to the web UI is admin/Admin@123.
For system security, as a web administrator, you are advised to change the password after login.
[sysname] aaa
[sysname-aaa] local-user admin1 password irreversible-cipher *********
[sysname-aaa] local-user admin1 service-type web
[sysname-aaa] local-user admin1 level 3

Other related questions:
Configuring an address set for the USG2000&5000 series
The USG2000&5000 series supports configuring an address set using the web UI or CLI. An address set can contain IP addresses, network segments, IP address ranges, and MAC addresses and be contained in another address set. Configuring an address set using the web UI: Choose Firewall > Address > Address Set and then click Create in Address Set List. Enter or select the address set name and description, reference the address or address set, configure the IP address, and click Apply. Configuring an address set using the CLI: 1. Run the ip address-set address-set-name [ type { object | group } | vpn-instance vpn-instance-name ] * command in the system view to create an address set and access its view. 2. Run the address [ id ] { ip-address { 0 | wildcard | mask { mask-address | mask-len } } | range start-ip-address end-ip-address | address-set address-set-name | mac-address } [ description description ] command to add a member to this address set. You can run this command repeatedly to add multiple members to this address set. 3. Run the description text command to configure the address set description.

Method for setting a permanently available password for the administrator of the USG2000&5000 series
For the USG2000&5000 series, the following example is provided for you to set the validity period of the administrator login password: # Set the password validity period for the administrator test to 80 days. system-view [sysname] aaa [sysname-aaa] local-user test password valid-days 80 For the USG6000 series, the following example is provided for you to set the validity period of the administrator login password: # Set the password validity period for the administrator test to 80 days. system-view [sysname] aaa [sysname-aaa] manager-user test [sysname--manager-user-test] password valid-days 80 If valid-days is set to 0, the password never expires. For more command details, see the product documentation.

Setting the super password for the USG2000&5000
When a lower-level user is switched to a higher-level user, user identity authentication is required to prevent unauthorized access. That is, the password of the higher-level user is required. The super password command can be used to set the password used to switch a lower-level user to a higher-level user. An example is provided for setting the super password. # Configure the password to Abcd@1234 for switching from a lower-level user to a level-3 user. system-view [sysname] super password level 3 cipher Abcd@1234 Note: A configured password cannot be retrieved from the system. You should carefully keep the password in case that you may forget or lose it.

Setting the console password on the USG2000&5000
For the login through the console port, the account and password must be set. 1. During the first log, use the default account (admin) and password (Admin@123) of the console port. 2. To prevent an unauthorized user to access the device with the default account and password, you are advised to change this password after your first login to the device. system-view [sysname] user-interface Console 0 [sysname-ui-Console0] authentication-mode local user admin password cipher *********

Setting the SSH password on the USG2000&5000
Login through SSH improves the security of data transmission. Therefore, you are advised to log in through SSH. In addition, you are advised to use AAA for authentication. 1. Set the administrator IP addresses that can access the device remotely. The administrator cannot use IP addresses that are not specified in the ACL to remotely access the device through SSH. 2. Configure connection number limit on the VTY administrator interface. 3. Set the administrator account and password for login through SSH. system-view [sysname] ssh user admin1 [sysname] ssh user admin1 authentication-type password [sysname] aaa [sysname-aaa] local-user admin1 password cipher ********* [sysname-aaa] local-user admin1 service-type ssh [sysname-aaa] local-user admin1 level 3 [sysname-aaa] local-user admin1 access-limit 1 4. Enable the STelnet service on the device. 5. Set the client service mode of the SSH account to STelnet.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top