华为AR1220设备重置后web无法登录，需要通过console端口配置http server enable

admin

华为AR1220设备重置后web无法登录，需要通过console端口
华为AR1220设备重置后web无法登录，需要通过console端口

/ A  b( m! e/ W5 e% C  h* j, c1 _[Huawei]http server enable
  This operation will take several minutes, please wait...................................
2 M0 p$ \" ], [2 E3 ZMay 15 2022 21:08:50+00:00 Huawei ENTITYTRAP/2/CPUUSAGERISING:OID 1.3.6.1.4.1.2011.5.25.219.2.14.1 CPU utilization exceeded the pre-alarm threshold.(Index=9, HwEntityPhysicalIndex=9, PhysicalName="SRU Board 0", EntityThresholdType=0, EntityThresholdWarning=80, EntityThresholdCurrent=100, EntityTrapFaultID=144896)
4 F& I* A+ X0 g1 B, u: J5 g' b[Huawei]
May 15 2022 21:08:50+00:00 Huawei %%01CPUP/4/CPU_USAGE_HIGH(l)[20]:The CPU is overloaded, and the tasks with top three CPU occupancy are Co0(43.2%), loop0(14.6%), TICK(4.2%) . (CpuUsage=100%, Threshold=80%)
: r( p5 |* u% E5 k8 t[Huawei]..............
6 v4 [: q; h* _; r4 R# a0 kInfo: Succeeded in starting the HTTP server
& ], V9 \* c$ x$ C  E' y( x% v# k[Huawei]
) b* i6 F& ^" ?May 15 2022 21:09:00+00:00 Huawei ENTITYTRAP/4/CPUUSAGERESUME:OID 1.3.6.1.4.1.2011.5.25.219.2.14.2 CPU utilization resumed from exceeding the pre-alarm threshold.(Index=9, HwEntityPhysicalIndex=9, PhysicalName="SRU Board 0", EntityThresholdType=1, EntityThresholdWarning=80, EntityThresholdCurrent=65, EntityTrapFaultID=144896)
[Huawei]
- ?& v2 p+ d: h  Please check whether system data has been changed, and save data in time
0 e; O1 f3 ]. C  Configuration console time out, please retry to log on
4 \$ C6 C/ ~: X  A
+ t4 G- U# W* K5 ?0 ELogin authentication
: B, C: F: X, }5 h7 H; a

0 y0 @. p" U9 |) a" G4 V然后就可以登录界面了。
& Y3 Q% _# b# O+ M# N& k! R

admin

Console口设置密码
* p) y1 e5 U6 e: v) T; B5 C交换机Console口设置密码
! K. U$ A2 R5 Q+ W/ A- F5 `  V[sw1]user-interface console 0
3 w  z/ x4 E% r6 O# {* Q% M[sw1-ui-console0]authentication-mode password
+ e' s' M6 e5 L) m! G/ ?% l- A! {& a[sw1-ui-console0]set authentication password ?
" T/ ~3 g2 j: S; Y, T4 f6 F5 R  cipher  Set the password with cipher text    #密码用密码文本设置密码
( N$ K7 ]' D7 ?! ^9 T4 F  simple  Set the password in plain text       #简单地设置明文密码
[sw1-ui-console0]set authentication password simple 123

路由器Console口设置密码
[R1]user-interface console 0
[R1-ui-console0]authentication-mode password
' X8 i+ j( A! f$ L0 E; C, QPlease configure the login password (maximum length 16):123
[R1-ui-console0]
$ j' `, l6 p0 _[R1-ui-console0]q
) A/ d- y+ P/ E  N; ?[R1]q
* \" z' }- N& H<R1>q
! S% q  G# T3 m% i+ h  Configuration console exit, please press any key to log on

) J& D# D) @$ P/ iLogin authentication
4 F2 q+ s4 c7 [  g+ h  g
6 N7 n0 E! e* F. w/ l0 J( ]Password:输入123
. |* n0 Q3 m* ]- v1 Z4 t# c<R1>sys
Enter system view, return user view with Ctrl+Z.
* p: w: N% E+ `: a% J7 k
: C9 o, \& P9 y; G
配置用户通过Telnet登录设备(真机演示)
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip add 192.168.100.252 24   #先给需要接口设置IP
[Huawei]telnet server enable    #全局开启telnet
5 k& }4 x2 i: ?7 D( o# IInfo: Telnet is insecure, recommended to use stelnet with encryption features.
[Huawei]aaa
[Huawei-aaa]local-user pok password irreversible-cipher 123456  #创建本地用户，用户名：pok、密码：123456
8 Z1 W& @0 K  z! n; F$ v" @( k1 r0 ?: ~Info: Add a new user.
[Huawei-aaa]local-user pok service-type telnet   #配置本地用户pok的接入类型为telnet
% p4 U6 ]- q  z$ x/ `! k[Huawei-aaa]local-user pok privilege level 3     #设置用户等级，远程用户缺省的级别都是0级，可修改Telnet用户登录后的用户级别为管理员3
' u1 L/ Q' {: @Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]y    确定
[Huawei-aaa]q
) w" b0 X0 @1 z& f[Huawei]user-interface vty 0 4              #进入VTY0～VTY4用户界面视图
[Huawei-ui-vty0-4]authentication-mode aaa   #配置VTY类型用户界面的验证方式为AAA


配置用户通过web登录设备(真机演示)
web登陆其实和上面基本是一样的。只是将上面代码中的：
local-user pokes service-type telnet
! v) ^1 X$ x+ P0 g/ D- e" {& ~
" p0 p& {% h' v' F8 p7 j替换成
8 P! l* o, [5 W% ^* w4 k' _/ V, Qlocal-user pokes service-type http ssh web
  w( y7 w4 X9 @
  C9 R& G; J. M& h[Huawei]int g0/0/0
' f) t- e$ J2 f1 \8 q, j[Huawei-GigabitEthernet0/0/0]ip add 192.168.100.252 24   #先给需要接口设置IP
& w3 W! ~7 f* r. M. n; a( ~, [3 L[Huawei]http server enable    #全局开启telnet
( W, }% U4 u2 S4 A2 J9 `Info: Telnet is insecure, recommended to use stelnet with encryption features.
# I7 ~$ ]0 Y- x; J# p' v[Huawei]aaa
[Huawei-aaa]local-user pok password irreversible-cipher 123456  #创建本地用户，用户名：pok、密码：123456
/ }7 W" b+ h0 W6 u8 K3 I: lInfo: Add a new user.
[Huawei-aaa]local-user pok service-type http   #配置本地用户pok的接入类型为telnet
* c& I% }. r: k, s1 F* I% B[Huawei-aaa]local-user pok privilege level 3     #设置用户等级，远程用户缺省的级别都是0级，可修改Telnet用户登录后的用户级别为管理员3
Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]y    确定
4 ~( k! \! T% ]8 |7 ~5 f/ Q( ]3 L. z[Huawei-aaa]q
! C  r: K; `. h4 M* g9 j[Huawei]user-interface vty 0 4              #进入VTY0～VTY4用户界面视图
3 d  d0 {2 M3 C5 S- n[Huawei-ui-vty0-4]authentication-mode aaa   #配置VTY类型用户界面的验证方式为AAA

2 a$ A  I$ u' C" \6 P  W# I
说明：有个问题需要注意一下，替换完成之后就只能web登陆，不能同时登陆web和telnet。如果还需要web登陆，就需要再新建另一个用户。
+ M% G5 `6 p0 J$ K3 t- b4 x+ P; _* S重点华为设备出厂的时候，对web访问的接口做了限制，我们必须查出来哪个接口可以web访问
display current-configuration filter http serve   #查询哪个接口允许web访问
3 h. _- r$ H; x' ?5 G, g#
post-system
http server enable
6 F; S& z+ E* H% z! K) u5 R0 C. Q/ @ http server permit interface GigabitEthernet0/0/1   #这个接口可以访问
#
return
3 l: D3 X5 D1 G, }% Z- J2 h1 j+ K  ~
" [# H; R$ u* |% M; ?0 @" v解决办法有两种：
$ W" _- J: \6 y: hundo http server permit interface    #删除限制
http server permit interface e0/0/0  #允许你的接口访问web

在这里我想说的是，华为的web界面真的是很差，我用的真机AR1220，不知道新版的怎么样。建议还是用命令把。
8 @, Q2 r! P4 b$ z+ @