Method for configuring Telnet login to the USG6000 series

20

To understand how to log in to the USG6000 series through Telnet, log in to Huawei Enterprise Service Support website, view or download the product document based on the product model and version, and search the product document for the following case: Configuring Telnet Login to the CLI.

Other related questions:
Retrieving the Telnet login password on the USG6000
Retrieve the Telnet login password on the USG6000 as follows: In this case, you need to log in to the device through the console port or web UI. The operations are as follows (with user1 being the user that has forgotten the password): 1. Change the password through the console port. system-view [USG6600]aaa [USG6600-aaa]manager-user admin [USG6600-aaa-manager-user-admin]password cipher password@123 //Indicates changing the password of the admin account to password@123. Retrieve the Telnet login password as follows: system-view [USG6600]user-interface vty 0 4 [USG6600-ui-vty0-4]authentication-mode password cipher huawei@123

Telnet login and authentication mode configuration method on an AR router
In the user interface view, run the authentication-mode { password | aaa } command to configure a user authentication mode.

Method for configuring remote login to the web UI of the USG6000 series
The management interface of the firewall has the web UI login function enabled by default.

Method for configuring HTTPS login to the web UI of the USG6000
You can configure the HTTPS login to the web UI as follows:
Note: If you only enable the web function by running web-manager enable but do not enable the HTTPS service by running web-manager security enable, you cannot log in to the device.
1. Networking requirement
Configure a local authentication administrator webadmin for the NGFW and require that the administrator use HTTPS to log in to the web UI.

2. Configuration roadmap
a. Configure the web service for the device and enable the HTTPS service on the interface to allow the administrator to use HTTPS to log in to the web UI.
b. Create an administrator.
3. Operation procedure
system-view
a. Enable the web service.
Enable HTTPS.
[NGFW] web-manager security enable port 8443
Configure the timeout period for the web service.
[NGFW] web-manager timeout 5
By default, the web service timeout period is 10 minutes.
(Optional) Configure automatic web UI lockout upon 5 consecutive administrator login failures.
Note:
By default, the web UI will be added to the blacklist for 10 minutes (cannot be modified) after 3 consecutive authentication failures.
[NGFW] firewall blacklist authentication-count login-failed 5
Configure the IP address on GigabitEthernet 1/0/3 and enable the HTTPS service.
system-view
[NGFW] interface GigabitEthernet 1/0/3
[NGFW-GigabitEthernet1/0/3] ip address 10.3.0.1 255.255.255.0
[NGFW-GigabitEthernet1/0/3] service-manage enable
[NGFW-GigabitEthernet1/0/3] service-manage https permit
[NGFW-GigabitEthernet1/0/3] quit
Add the interface to the security zone.
[NGFW] firewall zone trust
[NGFW-zone-trust] add interface GigabitEthernet1/0/3
[NGFW-zone-trust] quit
b. Create an administrator.
Create an administrator and bind a role to it.
[NGFW-aaa] manager-user webadmin
[NGFW-aaa-manager-user-webadmin] password
Enter Password:
Confirm Password:
[NGFW-aaa-manager-user-webadmin] service-type web
[NGFW-aaa-manager-user-webadmin] access-limit 10
[NGFW-aaa-manager-user-webadmin] level 3
[NGFW-aaa-manager-user-webadmin] quit
Log in to the NGFW on the administrator PC.
Open the browser on the PC and access https://10.3.0.1:8443, the IP address of the device to be logged in to.
On the login page, enter the administrator's user name and password, respectively webadmin and Myadmin@123, and click Enter to enter the web UI.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top