需要給登錄的賬號加上如下屬性後再操作 local-user hp password cipher $c$3$+h92MglkXNEC/cedzB1KeeONjWbY authorization-attribute level 3 authorization-attribute user-role security-audit service-type telnet 這個log大部分內容是記錄登入交換機的賬戶信息的,您可以留一份備查,可以刪掉。 <5500>delete /unreserved flash:/seclog/seclog.log 刪除完後,可以考慮將剛剛填入的那兩行去掉,undo即可 -------------------------------------------------------------------------------------------------------- 處理 combo port 方式 dis port combo (1) 要先 shutdown combo port,直接進入該介面底下 interface GigabitEthernet 1/0/23 然後 執行 shutdown (2) 將預開啟的 PORT 執行 undo shutdown (3) 將預開啟的 PORT 複製原先 ten-GigabitEthernet 設定 (4) 將 GBIC 插入 -------------------------------------------------------------------------------------------------------- 複製master設備下的bin文檔到slot2下: copy a5500ei-cmw520-r2221p25.bin slot2#flash:/ 刪除slot2下的舊檔bin文件 delete /unreserved slot2#flash:/a5500ei-cmw520-r2215.bin 更改arp timer [hpe]arp timer aging 15 放至新任體 tftp 192.168.0.34 get A5500EI-CMW520-R2221P25.bin 刪除檔案 delete /unreserved a5500ei-cmw520-r2215.bin 加入禁止的MAC 位址 rule 0 deny source-mac 000f-e200-0000 ffff-ff00-0000 rule 1 deny source-mac 305a-3aaa-fd1e ffff-ffff-ffff 去掉interface下的應用: [5500-Vlan-interface1]undo packet-filter 4000 inbound 去掉設定MAC的ACL rule number: 進入ACL配置視圖 [5500-acl-ethernetframe-4000]dis this # acl number 4000 rule 0 deny source-mac 000f-e200-abc0 ffff-ffff-ffff # [5500-acl-ethernetframe-4000]undo rule 0 [5500-acl-ethernetframe-4000]dis this # acl number 4000 # [Switch] interface GigabitEthernet 1/0/1 [Switch-GigabitEthernet1/0/1] packet-filter 4000 inbound <5500>sys System View: return to User View with Ctrl+Z. [5500]acl number 4000 [5500-acl-ethernetframe-4000]rule deny source-mac 000f-e200-abc0 ffff-ffff-ffff [5500-acl-ethernetframe-4000]quit [5500]interface vlan 1 [5500-Vlan-interface1]packet-filter 4000 ? inbound Apply the acl to filter in-bound packets outbound Apply the acl to filter out-bound packets [5500-Vlan-interface1]packet-filter 4000 inbound