For more information, please scan the WhatsApp QR code below to contact customer service.
Good evening, everyone!
Today, Teacher Dashu will teach you step by step: how to configure Telnet remote management on Huawei devices. It only takes four steps, and it's stable and secure!
Ⅰ. What is Telnet?
Telnet, whose full name is Terminal Network Protocol, is a traditional remote management protocol that allows you to directly access the CLI interface of switches/routers remotely via the network.
Plaintext transmission is suitable for internal network testing/temporary debugging. For formal deployment, SSH is recommended!
Ⅱ. Configure Telnet, only four steps!
The following takes the Huawei switch (such as S5700) as an example to perform a complete Telnet configuration.
Step 1: Configure the device IP address
Make your device eligible for remote access!
1 [Switch] interface Vlanif1
2 [Switch-Vlanif1] ip address 192.168.10.1 255.255.255.0
Ensure that the computer and the switch are in the same network segment. For example, the computer IP is 192.168.10.100.
Step 2: Create a Telnet user
1 [Switch] aaa
2 [Switch-aaa] local-user admin password irreversible-cipher Huawei@123
3 [Switch-aaa] local-user admin service-type telnet
4 [Switch-aaa] local-user admin privilege level 15
Instructions:
Parameter | Meaning |
irreversible-cipher | Store the password using an encryption method |
service-type telnet | Allow this user to log in via Telnet |
privilege level 15 | Grant the highest privilege (administrator) |
Step 3: Enable VTY lines and specify the authentication method
Supports a maximum of 5 concurrent online Telnet sessions (0 - 4)
Step 4: Enable the Telnet service function
1 [Switch] stelnet server enable //SSH enable (optional)
2 [Switch] telnet server enable // Telnet is enabled (mandatory configuration)
Note: By default, Telnet is in the disabled state. Be sure to execute "telnet server enable".
Ⅲ.Test connection
Open the CMD command line on the PC side:
Enter the username: admin, password: Huawei@123, and the login is successful!
You can also use Telnet - supported tools, such as:
• SecureCRT
• PuTTY
• Xshell
IV. Suggestions for Enhancing Telnet Security
Although Telnet is not encrypted by default, you can still make the following configurations to enhance security:
Restrict access from source I
1 [Switch] acl number 2001
2 [Switch-acl-basic-2001]rule5permitsource192.168.10.00.0.0.2553
4 [Switch] user-interface vty 0 4
5 [Switch-ui-vty0-4] acl 2001 inbound
Allow only a certain network segment in the intranet to access the device via Telnet.
Set the timeout period and disconnect protection
Meaning: If there is no operation within 10 minutes, the Telnet connection will be automatically disconnected.
V. Comparison of Telnet and SSH at a Glance
Project | Telnet | SSH |
Transmission Security | Plaintext, High Risk | Encrypted Transmission, Secure |
Usage Scenarios | Intranet Debugging, Temporary Management | Formal Deployment, Public Network Management |
Default Port | TCP 23 | TCP 22 |
Huawei Support | Supported, | Supported,Recommended |
VI. Understanding of Structure Diagram
1 +------------------+ Telnet login (TCP 23)
2 | Operation and Maintenance PC | ──────► | Huawei switches/routers |
3| IP: 192.168.10.100| | IP: 192.168.10.1 |
4 +------------+ +---------------+
5 Username:admin
6 password:Huawei@123
VII. Common Problem Troubleshooting
Q1: Telnet connection fails?
• Has "telnet server enable" been executed?
• Is the IP address configured correctly? Can the device be pinged?
• Has Telnet been enabled on the VTY line?
• Is port 23 blocked by ACL or firewall?
Q2: No response after entering the username?
• The user has not configured service-type telnet.
• The user's permission is too low or no password has been configured.
That's all for our sharing today!
Although Telnet is an "old protocol", it is still commonly used in enterprise internal networks, especially during initial device configuration and emergency debugging.
For more Telnet resources, follow the Facebook account & youtube account: Thinkmo Dumps
