Skip to main content

Huawei Switch Configuration Commands

Here are some Huawei switch configuration command and verification command is here.

1. Enter int to the privilege mode
<sw1>system view

2. Create the VLAN
[sw1]vlan 30
[sw1]des fiber

3. Configure interface trunk
[sw1]interface GigabitEthernet 0/0/1
[sw1-GigabitEthernet0/0/1]port link-type trunk

4. Configure interface access
[sw1-GigabitEthernet0/0/3]port link-type access
[sw1-GigabitEthernet0/0/4]port link-type access

5. Assign vlan to that port
[sw1]vlan 30
[sw1-vlan30]port GigabitEthernet 0/0/3
[sw1]vlan 30
[sw1-vlan30]port GigabitEthernet 0/0/4

6. Change port speed and duplex
[sw1]interface GigabitEthernet 0/0/3
[sw1-GigabitEthernet0/0/3]undo negotiation auto
[sw1-GigabitEthernet0/0/3]speed ?
  10                10M port speed mode
  100               100M port speed mode
  1000              1000M port speed mode
  auto-negotiation  Auto negotiation
[sw1-GigabitEthernet0/0/3]speed 100
[sw1]int gi0/0/4
[sw1-GigabitEthernet0/0/4]undo negotiation auto
[sw1-GigabitEthernet0/0/4]speed 100

[sw1-GigabitEthernet0/0/4]duplex ?
  full  Full-Duplex mode
  half  Half-Duplex mode
[sw1-GigabitEthernet0/0/4]duplex full

7. Configure VLAN and add VLAN in trunk port
[sw1-GigabitEthernet0/0/1]port trunk allow-pass vlan 301 302
Info: This operation may take a few seconds. Please wait for a moment...done.

8. MST Configuration

[sw1]stp region-configuration
Info: Please activate the stp region-configuration after it is modified.
[sw1-mst-region]region-name JP
[sw1-mst-region]instance 1 vlan instance 1 vlan 10 20 30 to 50 600 to 616
[sw1-mst-region]instance 0 vlan 302

9. Create management interface
[sw1]interface Vlanif 25
Error: Can not create this interface because the interface number of this type has reached its maximum.
[sw1]undo interface Vlanif 1
[sw1-Vlanif25]ip add
[sw1-Vlanif25]ip route-static

10. Configure SSH

[sw1]rsa local-key-pair create
The key name will be: sw1_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
       it will take a few minutes.
Input the bits in the modulus[default = 2048]:1024
Generating keys...

11. Create local user
[sw1-aaa]local-user jpudasaini password ?
  cipher               User password with cipher text
  irreversible-cipher  User password with irreversible-cipher text

[sw1-aaa]local-user jpudasaini password
Please configure the login password (8-16)
It is recommended that the password consist of at least 2 types of characters, including lowercase letters, uppercase letters, numerals and special characters.
Please enter password:
Please confirm password:
Info: Add a new user.

[sw1-aaa]local-user jpudasaini service-type ssh telnet

12. Configure telnet session
[sw1]stelnet server enable
[sw1]ssh authentication-type default password
[sw1]ssh user jpudasaini
[sw1]ssh user jpudasaini authentication-type password
[sw1]ssh user jpudasaini service-type stelnet

[sw1]user-interface vty 0 4
[sw1-ui-vty0-4]authentication-mode aaa
[sw1-ui-vty0-4]protocol inbound ssh

[sw1-aaa]local-user jpudasaini privilege level 15
[sw1-aaa]local-user jpudasaini service-type ssh
[sw1]ssh authentication-type default password

13. DHCP Snooping enable
[huawei-sw1]dhcp enable
[huawei-sw1]dhcp snooping enable ipv4
[huawei-sw1]dhcp server detect

[huawei-sw1]dhcp snooping check dhcp-rate enable
<huawei-sw1>display dhcp snooping
[huawei-sw1]dhcp snooping check dhcp-rate 50

14. Apply to VLAN
[huawei-sw1]vlan 301
[huawei-sw1-vlan301]dhcp snooping enable

15. Apply to Interface
[huawei-sw1-GigabitEthernet0/0/3]dhcp snooping enable
[huawei-sw1-GigabitEthernet0/0/3]dhcp snooping check dhcp-rate enable

16. Apply to Trunk port
[huawei-sw1-GigabitEthernet0/0/4]dhcp snooping trusted

17. Verify Command
[huawei-sw1]display dhcp snooping configuration    
dhcp snooping enable
dhcp snooping check dhcp-rate enable
dhcp snooping check dhcp-rate 50
dhcp server detect
vlan 301
 dhcp snooping enable
interface GigabitEthernet0/0/3
 dhcp snooping enable
 dhcp snooping check dhcp-rate enable
interface GigabitEthernet0/0/4
 dhcp snooping trusted


  1. May u know cisco port fast equivalent command for huawei

    1. [sw1]int gi0/0/4
      [sw1-GigabitEthernet0/0/4]stp edged-port enable

  2. This comment has been removed by the author.


Post a Comment

Popular posts from this blog

Unable to open kernel device . global vmx86 windows 7

Suddenly I encounter a weird problem with VMware 9 version. I install different OS for my education and testing purposed. Like MAC os, Ubuntu, CentOS, BT, WinXP, Win-server 2003. When I tried to run one of this OS a error message appear. unable to open kernel device "\\.Global\vmx86": The system cannot find the file specified. Did you reboot after installing VMware Workstation? Failed to initialize monitor device. Click ok you can see this window After googling I found one solution in developer forum but thread starter never use that method. So I tried it and here is my finding. Go to the directory of vmware installed  (In my case I run it as Administrator) C:\Program Files (x86)\VMware\VMware Workstation>   ( I've 32-bit apps on 64-bit OS, your may be different) Run this command vnetlib -- uninstall vmx86  reboot Go to the same directory and check net start command - this time it should say "service name  is invalid&quo

Simple Failover Mikrotik

Simple fail-over Mikrotik router configuration. Most of the user wants backup link (Fiber link with Wireless backup), in case fiber down wireless link auto up. No downtime for the user. Here is simple setting on Mikrotik for fail-over. I'm very great full to Anton to point out the mistake in src-address. It has been corrected now. ****default routes for new outgoing traffic.**** /ip route add dst-address= gateway=ISP-GW-ADDR-1 distance=1 check-gateway=ping add dst-address= gateway=ISP-GW-ADDR-2 distance=2 ++masquerade both WAN connections++ /ip firewall nat add chain=srcnat src-address= out-interface=WAN-1 action=masquerade add chain=srcnat src-address= out-interface=WAN-2 action=masquerade Thats it.

Mikrotik Hotspot Redirect After Login

This tutorial assumed you already create Hotspot in your router. If you don't know how to create a hotspot in Mikrotik router, click here and create the Hotspot. . After successfully creating the hotspot server go to "Files" Menu of  the main Window of Mikrotik router Copy "hotspot" folder into your PC. Open "alogin" file with text editor Replace "link-redirect" text with your desire URL Now you're done! After successfully logging into the Hotspot server your client automatically redirects to your external link.  Don't forget to copy this folder into Mikrotik Router "Files" Menu. You can also drag and drop this folder into "Files" menu.