< Home

Example for Configuring Switch Login Through the Web System (V200R006 and later versions)

Overview

The web system uses the built-in web server on a switch to provide a GUI through which users can perform switch management and maintenance. Users can log in to the web system from terminals using HTTPS.

The web system is available in EasyOperation and Classics versions.
  • The EasyOperation version provides rich graphics and a more user-friendly UI on which users can perform monitoring, configuration, maintenance, and other network operations.
  • The Classics version inherits the web page style of Huawei switches and provides comprehensive configuration and management functions.

In V200R011C10 and later versions, the Classics version is not supported.

Configuration Notes

This example applies to V200R006 and later versions of all S series switches.

The following uses the command lines and outputs of the S5720-EI running V200R008C00 as an example.

Networking Requirements

As shown in Figure 1, a switch functions as the HTTPS server. The user wants to log in to the web system using HTTPS to manage and maintain the switch.

Figure 1 Networking diagram for configuring switch login through the web system

Configuration Roadmap

The configuration roadmap is as follows:

  • The system software of the switch has integrated and loaded the web page file. No manual configuration is required.

  • A switch provides a default SSL policy and has a randomly generated self-signed digital certificate in the web page file. If the default SSL policy and self-signed digital certificate can meet security requirements, you do not need to upload a digital certificate or manually configure an SSL policy, simplifying configuration. The following configuration uses the default SSL policy provided by the switch as an example.

  • Configure a management IP address for logging in to the switch through the web system.

  • Configure a web user and enter the web system login page.

Procedure

  1. Configure a management IP address.

    <HUAWEI> system-view
[HUAWEI] sysname HTTPS_Server
[HTTPS_Server] vlan 10
[HTTPS_Server-vlan10] quit
[HTTPS_Server] interface vlanif 10    //Configure VLANIF 10 as the management interface.
[HTTPS_Server-Vlanif10] ip address 192.168.0.1 24    //Configure the IP address and deploy the route based on the network plan to ensure reachability between the PC and switch.
[HTTPS_Server-Vlanif10] quit
[HTTPS_Server] interface gigabitethernet 1/0/10    //In this example, GE1/0/10 is the physical interface used for logging in to the switch through the web system on a PC. Select an interface based on actual networking requirements.
[HTTPS_Server-GigabitEthernet1/0/10] port link-type access    //Set the interface type to access.
[HTTPS_Server-GigabitEthernet1/0/10] port default vlan 10    //Add the interface to VLAN 10.
[HTTPS_Server-GigabitEthernet1/0/10] quit

  2. Enable the HTTPS service.

    [HTTPS_Server] http secure-server enable    //The HTTPS service is enabled by default and does not require manual configuration. If the HTTPS service is manually disabled, run this command to enable it.

  3. Configure a web user and enter the web system login page.

    # Configure a web user.

    [HTTPS_Server] aaa
[HTTPS_Server-aaa] local-user admin password irreversible-cipher Helloworld@6789    //Set the login password to Helloworld@6789.
[HTTPS_Server-aaa] local-user admin privilege level 15    //Set the user level to 15.
Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]Y
[HTTPS_Server-aaa] local-user admin service-type http    //Set the user service type to HTTP.
[HTTPS_Server-aaa] quit

    # Enter the web system login page.

    Open the web browser on the PC, type https://192.168.0.1 in the address box, and press Enter. The web system login page is displayed, as shown in Figure 2.

    Table 1 lists browser versions required for login to a switch through the web system. If the browser version or browser patch version is not within the preceding ranges, the web page may not be properly displayed. Upgrade the browser and browser patch. In addition, the browser must support JavaScript.

    Enter the web user name admin and password Helloworld@6789, and click GO or press Enter. The web system home page is displayed. The EasyOperation web system is logged in by default.

    Table 1 Mapping between the product version and browser version

    Product Version

    Browser Version for EasyOperation Web System

    Browser Version for Classic Web System

    V200R006

    IE 8.0 to 11.0, Firefox 12.0 to 28.0, or Chrome 23.0 to 34.0

    IE 8.0 to 11.0, or Firefox 12.0 to 28.0

    V200R007

    IE 8.0 to 11.0, Firefox 12.0 to 32.0, or Chrome 23.0 to 37.0

    IE 8.0 to 11.0, or Firefox 12.0 to 32.0

    V200R008

    IE 10.0, IE 11.0, Firefox 31.0 to 35.0, or Chrome 30.0 to 39.0

    IE 10.0, IE 11.0, or Firefox 31.0 to 35.0

    V200R009

    IE 10.0, IE 11.0, Firefox 35.0 to 45.0, or Chrome 34.0 to 49.0

    IE 10.0, IE 11.0, or Firefox 35.0 to 45.0

    V200R010

    Microsoft Edge, IE 10.0, IE 11.0, Firefox 39.0 to 49.0, or Chrome 39.0 to 54.0

    IE 10.0, IE 11.0, or Firefox 39.0 to 49.0

    V200R011C00

    Microsoft Edge, IE 10.0, IE 11.0, Firefox 46.0 to 50.0, or Chrome 39.0 to 54.0

    IE 10.0, IE 11.0, or Firefox 46.0 to 50.0

    V200R011C10

    Microsoft Edge, IE 10.0, IE 11.0, Firefox 53.0 to 59.0, or Chrome 54.0 to 66.0

    V200R012(C00&C20)

    Microsoft Edge, IE 10.0, IE 11.0, Firefox 53.0 to 59.0, or Chrome 54.0 to 66.0

    V200R013C00

    Microsoft Edge, IE 10.0, IE 11.0, Firefox 58.0 to 62.0, or Chrome 60.0 to 69.0

    V200R013C02

    Microsoft Edge, IE10.0, IE11.0, Firefox 61.0 to Firefox 66.0, or Chrome 64.0 to Chrome 73.0

    V200R019C00

    Microsoft Edge, IE10.0, IE11.0, Firefox 61.0 to Firefox 66.0, or Chrome 64.0 to Chrome 73.0

    V200R019C10

    Microsoft Edge, IE10.0, IE11.0, Firefox 61.0 to Firefox 66.0, or Chrome 64.0 to Chrome 73.0

    Figure 2 Web system login page

  4. Verify the configuration.

    Log in to the switch through the web system. The login succeeds.

    Run the display http server command to view the status of the HTTPS server.

    [HTTPS_Server] display http server
   HTTP Server Status              : enabled
   HTTP Server Port                : 80(80)
   HTTP Timeout Interval           : 20
   Current Online Users            : 0
   Maximum Users Allowed           : 5
   HTTP Secure-server Status       : enabled
   HTTP Secure-server Port         : 443(443)
   HTTP SSL Policy                 : Default
   HTTP IPv6 Server Status         : disabled
   HTTP IPv6 Server Port           : 80(80)
   HTTP IPv6 Secure-server Status  : disabled
   HTTP IPv6 Secure-server Port    : 443(443)
   HTTP server source address      : 0.0.0.0

Configuration Files

HTTPS_Server configuration file

#
sysname HTTPS_Server
#
vlan batch 10
#
aaa
 local-user admin password irreversible-cipher %#%#wU:(2j8~r8Htyu3.]',NwU`Td[-A9~9"%4Kvhm'0RV[/U`Ww%#%#
 local-user admin privilege level 15
 local-user admin service-type http
#
interface Vlanif10
 ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/10
 port link-type access
 port default vlan 10
#
return
Parent Topic: Example for Configuring Switch Login Through the Web System
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic