Initially configuring the switch, Configuring a login authentication method, Configuring the basic access function – H3C Technologies H3C S3100V2 Series Switches User Manual

42

Initially configuring the switch

By default, the administrator can only log in to the switch through the console port without any

authentication. The default login method does not facilitate remote maintenance and management of the

switch, and brings vulnerabilities to the switch. After the first login, you can perform the following

configurations.

•

Configure the login method so that you can remotely maintain and manage the switch and control
login user privileges.

•

Configure the access function of the switch to satisfy the requirements of different users.

Configuring a login authentication method

By configuring the authentication mode and the corresponding username, authentication method, and

user privilege level, you can perform login user privilege control, and improve switch security.
The switch supports login through the console port, telnet, SSH, and NMS.
The following section takes login through telnet for example. Login through telnet supports three login

authentication methods.

Table 11 Telnet login authentication methods

Authentication method Feature

Application scenarios

None

Easy to configure, allows any user to Telnet to
your switch, and lowest in security

Lab environments and extremely
secure network environments

Password

Easy to configure, allows any user knowing the
password to telnet to your switch, high in

security, but incapable of assigning different

privilege levels to different users

Environments that do not need
granular privilege management

Username and password

Complex to configure, allows users inputting
the correct username and password to Telnet to

your switch, high in security, and capable of
assigning different privilege levels to different

users

Environments where multiple
operators cooperate to manage

the switch

Configuring the basic access function

When the switch with the default settings accesses the network, it can perform basic data transmission.
To implement more service requirements, you can configure the basic access function on the switch.

Table 12 Basic access function configurations

Function Description

IP addresses

Allows you to remotely manage the switch and use the switch in a network.

Static routing

Allows the switch to implement routing.

VLAN

Divides the network into multiple VLANs, and improves data security.

MSTP

Avoids loops in a network using dual uplinks to provide redundancy.

NOTE:

For more information about login methods and access function configuration, see the

H3C S3100V2

Switch Series Configuration Guides.