【Introduction】
This document describes how to troubleshoot common login faults of Huawei S series switches, including: failure to log in to a Huawei S series switch through Telnet; failure to log in to a Huawei S series switch through STelnet; failure to log in to a Huawei S series switch through the web system even though the switch and client can ping each other.
【Contents】
Why Do I Fail to Log In to a Switch Through Telnet?
Using Telnet, you can remotely manage a switch. However, Telnet may pose security risks and is typically used on networks that do not have high security requirements. If you fail to log in to the device through Telnet, perform the operations in this section for troubleshooting.
1. Check whether the TCP connection fails to be established due to unreachable routes.
Use the ping command to check whether the route is normal. If the ping succeeds, go to Step 2. If the ping fails, perform the following operations:
a. Check whether routes are correct.
b. Check whether ARP entries are correctly learned.
2. Check whether the source interface is specified for a Telnet server.
3. Check whether the number of users logging in to the device reaches the upper limit.
4. Check whether the access protocol is correctly configured in the VTY user interface view.
5. Check whether an ACL is configured in the VTY user interface view.
6. Check whether an authentication mode is set for login users in the user interface view.
7. If Telnet protocol packets are lost due to loops or some other reasons, logging in to the device through Telnet may fail intermittently.
8. If the fault persists, collect log, alarm, and configuration information, and contact technical support personnel. To collect device diagnostic information, run the display diagnostic-information command.
Why Do I Fail to Log In to a Switch Through STelnet?
STelnet is recommended for logging in to a switch because Telnet may pose security risks. If you fail to log in to the device through STelnet, perform the operations in this section for troubleshooting.
1. Check whether the TCP connection fails to be established due to unreachable routes.
Use the ping command to check whether the route is normal. If the ping succeeds, go to Step 2. If the ping fails, perform the following operations:
a. Check whether routes are correct.
b. Check whether ARP entries are correctly learned.
2. Check whether the SSH service and source interface of the device are enabled.
3. Check whether the access protocol and authentication mode configured in the VTY user interface view are correct.
4. Check whether an RSA, a DSA, or an ECC public key is configured on the device.
5. Check whether an SSH user is configured on the device.
6. Check whether the number of login users on the SSH server reaches the upper limit.
7. Check whether an ACL is bound to the VTY user interface of the SSH server.
8. Check the SSH version on the SSH client and server.
9. Check whether first-time authentication is enabled on the SSH client.
10. Check whether attack source tracing is configured on the SSH server.
8. If the fault persists, collect log, alarm, and configuration information, and contact technical support personnel. To collect device diagnostic information, run the display diagnostic-information command.
Why Do I Fail to Log In to a Switch Through the Web System?
The web system uses the built-in web server on a switch to provide a GUI through which you can perform switch management and maintenance. You can log in to the web system from terminals using HTTPS. If you fail to log in to the device through the web system, perform the operations in this section for troubleshooting.
1. Check whether the HTTPS service is enabled.
2. Check whether the source interface or IPv6 source address of the HTTP/HTTPS server is configured on the switch.
3. Check whether the number of online web users reaches the upper limit.
4. Check whether the device performs access control for web users.
5. Check whether the access type of the web user is correct.
6. If the fault persists, collect log, alarm, and configuration information, and contact technical support personnel. To collect device diagnostic information, run the display diagnostic-information command.
More detailed configuration steps please click Here
Newest TechNotes
How to Install a License for a Stack System of S Series Switches
Why Does the S5700 Fail to Restrict User Access Through a Traffic Policy
Troubleshooting the Fault that Users Fail to Access Intranet Servers
Troubleshooting Failures to Log In to the Web System of AR Routers
How to Configure Option 43 When Huawei APs Are Connected to DHCP Servers of Different Vendors
