华为路由器的软件版本

华为路由器的软件版本：V300R019C10SPC300

管理员密码策略配置

默认的管理员密码策略

默认情况下，路由器的管理员密码策略是开启状态，如下图所示；

修改管理员密码策略方式

[HUAWEI]aaa

[HUAWEI-aaa]local-aaa-user password policy administrator

[HUAWEI-aaa-lupp-admin]password history record number 4

[HUAWEI-aaa-lupp-admin]password alert before-expire 45

[HUAWEI-aaa-lupp-admin]password expire 120

[HUAWEI-aaa-lupp-admin]

关闭管理员密码策略方式

[HUAWEI]aaa

[HUAWEI-aaa]undo local-aaa-user password policy administrator

Warning: Administrator password policy has been disabled, there is a security risk.

[HUAWEI-aaa]

配置https登陆

启用https服务

[HUAWEI]http secure-server ssl-policy default_policy

#启用https服务

[HUAWEI]http secure-server enable

#允许指定路由器的接口IP被https访问

[HUAWEI]http server permit interface GigabitEthernet0/0/13

配置https登陆账户

#账户配置，例如，用户名test，密码test_123,最高权限是level 15

[HUAWEI]aaa

[HUAWEI-aaa]local-user test password irreversible-cipher test_123

[HUAWEI-aaa]local-user test privilege level 15

[HUAWEI-aaa]local-user test service-type http

VTY配置AAA登陆

#vty接口指定aaa账户登陆

[HUAWEI]user-interface vty 0 4

[HUAWEI-ui-vty0-4]authentication-mode aaa

[HUAWEI-ui-vty0-4]protocol inbound all