本帖最后由 sdtt1314 于 2022-4-7 14:35 编辑
9 C6 {2 k: ^6 ?- s y! E9 f! |5 @) ] w; C, U$ }4 Q Z
有错误处还请指出,万分感谢
! ^4 n$ i2 |! `/ ]/ c
拓扑图
# n" c5 F3 z8 W0 m" o
交换机VLAN、网关、DHCP配置( |0 i! H& E8 ^+ ?
SW1:(核心交换机)
0 z5 P/ e: F: f. D" s1 k2 M6 Gvlan batch 10 20 30 40 100 200 999 //创建VLAN5 l7 E- u) o6 l2 ?# z% Z
#! d2 `1 j, h2 b o+ s4 l. E6 q9 x
ip pool v10 //创建VLAN10地址池
7 h1 x9 Z4 }) A8 I gateway-list 192.168.10.1
0 Y6 X% s8 `* h- i: [3 a4 n network 192.168.10.0 mask 255.255.255.06 r. F8 q" d7 T, ?. d2 D% e
lease day 8 hour 0 minute 04 X& n6 n0 w( U
dns-list 114.114.114.114 8.8.8.8
4 I z' j/ O2 t#$ g2 }. ]" f& g9 z
ip pool v20 //创建VLAN20地址池% J0 v* n' k) E9 ^1 Y% N# Q9 u
gateway-list 192.168.20.1
: D4 f7 u% a' g/ v network 192.168.20.0 mask 255.255.255.01 Q2 A3 |& R4 @' `2 v$ B# Z
dns-list 114.114.114.114 8.8.8.8 y- C# M8 y% C3 l& i3 v
#' f& ^$ b6 e5 V" K. x$ m; L
ip pool v30 //创建VLAN30地址池
" ?) o+ L0 j% b5 b0 l" Y3 G6 v( b* k gateway-list 192.168.30.1
/ o# S6 J# }" T# |5 V network 192.168.30.0 mask 255.255.255.0
$ Q3 ^! G/ ^/ O$ |( D) r* Z0 r dns-list 114.114.114.114 8.8.8.8
4 e' A- A" t- m# A( k* I" S/ j, X#
4 o3 x1 ~1 _7 P4 @ip pool v40 //创建VLAN40地址池* `- z. D q9 {
gateway-list 192.168.40.1
3 |3 A8 B. g) b9 Y+ U network 192.168.40.0 mask 255.255.255.06 [% G5 y+ G3 O6 n; p9 I% T" {8 i
dns-list 114.114.114.114 8.8.8.8+ T5 w/ E2 A: J
#0 `" [: R \0 m& [5 _
interface Vlanif10
* j5 @/ A# a: ]) s( I ip address 192.168.10.1 255.255.255.0. j% B9 f) Y; n% s6 s/ w. m- v
dhcp select global //调用VLAN10地址池
$ x. \2 z- I' K% b4 m+ s! U#( U2 b9 M, N% d3 S& y
interface Vlanif20+ K( A& R. e ] e. s0 Y
ip address 192.168.20.1 255.255.255.0, K$ x" q1 b% X5 Y4 @" u
dhcp select global //调用VLAN20地址池: k4 t L! c1 o& C2 b! ?/ h
#' p* }' J2 w. t: a$ T$ w# m
interface Vlanif30
# T+ C/ ?4 q4 p' T) U9 T1 A ip address 192.168.30.1 255.255.255.0
6 k7 s! G4 U9 T- b, Z$ J3 O" \ dhcp select global //调用VLAN30地址池
4 X" n1 j7 C' e ?. w#- L5 h- B% e2 j- T- y
interface Vlanif409 B8 F! D" v0 W% J. H
ip address 192.168.40.1 255.255.255.01 f" D+ N4 T# r" e% g5 T+ ?* c$ p
dhcp select global //调用VLAN40地址池
+ h, |+ {$ Z: P#
6 `) |) A: k* D- N3 V! B; Pinterface Vlanif100
- i; C9 N; d/ o) R9 T ip address 192.168.100.1 255.255.255.0
6 V$ U3 Z) I% z6 i- a#" f# Q* P- e0 D/ W
interface Vlanif200
; J, B" E( G' u' n8 Y ip address 192.168.200.1 255.255.255.09 U9 q) K& ]# v5 ~& g
#
- g& t4 ~- B+ p0 I$ S; r interface GigabitEthernet0/0/3 //下行口(连接汇聚交换机3)3 L& B) i! Y& `- e( I
port link-type trunk8 q, U; L) S1 @' k
7 d1 z. Z# i" R
port trunk allow-pass vlan 10 20 999 //允许vlan 10 20 999 通过, D# \9 P3 ~$ a, J) V+ \$ ]& Q5 T
undo port trunk allow-pass vlan 1 //turnk删除vlan1! j# Z) c$ [% Z4 g0 M/ S
#' P! L: @. v: f4 D# W8 K# ]' E
interface GigabitEthernet0/0/4 //下行口(连接汇聚交换机4)( h/ X7 ~9 P4 }! l& z
port link-type trunk
' l; t8 v& G& s9 i2 H5 n# {7 n
' T' _! h% U/ e) [$ v( L) {. q port trunk allow-pass vlan 30 40 999 //允许vlan 30 40 999 通过* H7 L% }) p9 `+ v0 g3 b
undo port trunk allow-pass vlan 1 //turnk删除vlan1
! a4 v; v9 I) x7 g( D#4 q7 F6 C- w1 U. p, F3 R; B
interface GigabitEthernet0/0/5 //连接路由器/ s a# R8 P! u8 X
port link-type access2 \3 Y7 a2 C. @7 ^. D4 \2 Q
port default vlan 100 //允许VLAN 100 通过* L# S J3 j+ G/ M, l
9 Q8 s" M! Z/ k; _3 s, O
SW2:(服务器汇聚交换机)
7 H" |& ]% _! P( i, j+ n) I6 v$ y& ^vlan batch 200 999 //创建VLAN0 }# j/ M0 o I5 B' ~
#5 b& d) U6 y0 y
interface GigabitEthernet0/0/3
" T p0 y5 X& r4 A port link-type access& \/ T8 Q/ a( l6 b. C( x
port default vlan 200
; v9 z) h9 a* j/ @#
4 G! i4 [8 z0 I( Y. P; _interface GigabitEthernet0/0/4; M+ B/ ]" ?# H; b4 d, J, L! l% a
port link-type access D6 n. K( m& a) R$ N6 f
port default vlan 200) Y; ~- B6 Y+ ?: p; E- H( _# h
! I# P( a: ^2 J2 V+ g1 P
SW3:(汇聚交换机3)
! A7 ^7 }( i6 Z- C vlan batch 10 20 999 //创建VLAN' |2 \2 F/ b" W6 j
#
$ J* c# X6 J! [" h$ _% [8 F9 sinterface GigabitEthernet0/0/1 //上行口(连接核心层)- _. y% Z" J( V! b. x7 Y1 h
port link-type trunk
$ z$ Q. Z6 d. N; c6 E h* ] undo port trunk allow-pass vlan 1 e' |& v* c* @% L8 Y$ s
port trunk allow-pass vlan 10 20 999! N* K m) Q7 u
#
" |' c- ?6 i3 @ s' R/ @- xinterface GigabitEthernet0/0/2 //下行口(连接接入层)
1 Z5 ^. x% _' ?/ ]. `3 u! y3 U& M port link-type trunk
" A. f9 v: F+ D/ o undo port trunk allow-pass vlan 1# |# B' x) @9 g2 e0 b) v
port trunk allow-pass vlan 10 999# u0 v6 q" u7 F L6 Q
#
& x# c* V7 K3 dinterface GigabitEthernet0/0/3 //下行口(连接接入层)1 q: ?' O) d1 z* ~
port link-type trunk7 T ^$ U3 P9 R0 H0 f% Q3 y
undo port trunk allow-pass vlan 1
; N/ s w, a, ?1 g port trunk allow-pass vlan 20 999/ C7 E' |4 k; |. u5 K/ D1 r9 m
. J7 E# ^2 @6 p8 n+ b, M) h
SW4:1 I* J$ S4 L- @
vlan batch 30 40 999 //创建VLAN [2 O8 g" W$ t- h7 d- W
## I) s0 p, l, H
interface GigabitEthernet0/0/1 //上行口(连接核心层)
5 `+ h3 x( X$ ?" x7 l port link-type trunk
, E& O! H0 s+ q/ M undo port trunk allow-pass vlan 15 h( X6 h8 Q; `
port trunk allow-pass vlan 30 40 999
( l; D5 [4 x( \. x: W' A% ?#
. C8 s5 Q5 L a4 y" r, |( J/ Xinterface GigabitEthernet0/0/2 //下行口(连接接入层)
' G0 R3 u: z9 K port link-type trunk
3 {# r5 p/ e; ~4 S$ r1 t undo port trunk allow-pass vlan 1 ! o8 f4 X; }) Q9 b# G
port trunk allow-pass vlan 30 999
. ]; d$ S) u3 G* x#: e/ m9 z0 c% H+ L( f5 r6 u
interface GigabitEthernet0/0/3 //下行口(连接接入层)2 u. \4 F h% v m+ [: \
port link-type trunk
! ]1 Z i' D( r1 P6 \0 t% W undo port trunk allow-pass vlan 1
: i5 h2 J W* W5 y2 D& H port trunk allow-pass vlan 40 999
2 X `; c0 A# r ( n% [4 ~' E' u, C& ?
R1:(路由器1)
! Q, Z6 n- R, h5 `( }3 l$ Kinterface GigabitEthernet0/0/0 //接入核心交换机# E S) ]: N5 O% ?
ip address 192.168.100.2 255.255.255.0 3 r% s/ c: B! q8 v4 o/ E* c
#
+ E5 z' w: x0 W$ |: L8 f5 {interface GigabitEthernet4/0/0 //接入分校区; @( x1 v6 V' g, Q
ip address 15.1.1.1 255.255.255.0 . t) p& Y, k- ]
6 [1 o3 p- S. X
R4:(分校)
4 O; w9 j! z5 D4 L7 sinterface GigabitEthernet0/0/0 //接入主校区! e* d/ A. d8 g& R9 y
ip address 15.1.1.2 255.255.255.0
& U& C' D- e, e& c' H5 N* m0 [& S#0 c' ]* S( q7 S0 E& U( R
interface GigabitEthernet0/0/1 //分校网络
" @$ A+ t; x, \& W5 `1 W0 x H ip address 192.168.90.1 255.255.255.0
& f/ v8 ~' F0 ^4 a# n( b" r) I P% r) P
" M" h4 R) _1 @, w
eth-trunk组建0 }' b" M$ I5 R- f! A% s. d# {3 m
SW1:(核心交换机), x0 S) T, R& I3 {1 O/ z0 V0 u+ r' Y4 }8 `
lacp priority 100 //LACP优先级为100,越低越优先* @1 P7 U0 ]$ \9 b3 y b1 s# L" E
interface Eth-Trunk1 //创建eth-trunk 1
* H1 n3 R* L. ^( O: q' |7 jmode lacp-static //LACP模式. \+ C- o0 G8 `- Z% ?1 D5 `$ k9 Q6 b6 Z
trunkport gGigabitEthernet 0/0/1 to 0/0/2 //将接口1和2加入组
; b" k3 t; }3 D6 ^# o: Kport link-type trunk: S: V4 ?( @1 z( v$ S. O2 m
! z4 u& M' q. }; r2 q8 T- b
port trunk allow-pass vlan 200 999
* J$ t. Q$ r* h# Uundo port trunk allow-pass vlan 1 //turnk删除vlan12 M0 i H t' |1 L
6 |- m8 {$ Q8 SSW2:(服务器汇聚交换机)& N$ ^8 G1 n3 M7 o) L0 Z: z
lacp priority 100 //LACP优先级为100,越低越优先5 Q, D& ?& Q) P9 e1 M) [
interface Eth-Trunk1 //创建eth-trunk 1
' M& [. c6 [9 B( Wmode lacp-static //LACP模式8 x# i# C3 t7 g
trunkport gGigabitEthernet 0/0/1 to 0/0/2 //将接口1和2加入组
6 v. y; q: B8 ?port link-type trunk
7 [2 X8 |9 l4 z9 _- R# {$ G! g( F
& {1 E/ \" h: G$ U: Wport trunk allow-pass vlan 200 999, u+ K2 ~7 M- t( ~; l% T \* i
undo port trunk allow-pass vlan 1 //turnk删除vlan1
# l3 |4 T- V: s: WOSPF配置6 c8 W; i5 g/ `. v/ {: N
R1:(主校区路由器) n* E/ B4 L" f
ospf 1 , K. ]& a8 c% G( x( X* A# T- J% N
area 0.0.0.0
2 Y6 P0 q- M* m network 15.1.1.0 0.0.0.255
; Y' M( ~+ t$ F; a9 i; h1 D network 192.168.100.0 0.0.0.255 . n E% A ~7 [: A5 ^% X" A) N
5 Q/ L# e2 q, C2 i7 Z& h
SW1:(核心交换机)
% A- G2 M& J3 I% `; q; X; zospf 17 j; w( Z3 w4 j0 c4 Z H, |
area 0.0.0.0: k' k% D2 p' K4 ~) H
network 192.168.10.0 0.0.0.255
5 T. H0 N4 Z7 f/ C0 s% u% N network 192.168.20.0 0.0.0.255
7 j5 G. s4 b1 X; c network 192.168.30.0 0.0.0.255
% |4 m5 W; @5 J network 192.168.40.0 0.0.0.255/ c- Y8 p; P6 }! y
network 192.168.200.0 0.0.0.255
5 F; k+ b4 z- m% o" f6 X+ k network 192.168.100.0 0.0.0.255' V* c: [2 N3 V1 e! D
$ n9 z5 d: C5 {7 AR4:(分校路由器)2 u; ?; m0 r7 `# S
ospf 1
8 j) `, l& A0 A7 G" _8 [& f. L4 E& I2 e area 0.0.0.0
- x) U' [# Y9 [' A$ Z! e+ u, Z network 192.168.90.0 0.0.0.255
, V, y. Z O0 C network 15.1.1.0 0.0.0.255
. p& p1 n- l, _$ s. a
5 [) U7 b z7 d& q h0 X----------------------------------------------# \! A; V; G f9 g$ v" d
5 P0 m. }/ g" K7 v移动联通内部OSPF
. q3 U7 q4 g' a$ S- |# v) mR2:(模拟移动)- ], y. S0 w; F8 }: p3 i
interface GigabitEthernet0/0/0 //接入客户线路' _3 ~% O3 Q7 p3 ]
ip address 12.1.1.2 255.255.255.0
; _$ P2 w- ~3 m# `* V#
3 J1 p2 c; S m$ k2 Ainterface GigabitEthernet0/0/2 //接入联通线路2 U: P" u7 D# T5 \/ I# J/ P
ip address 14.1.1.1 255.255.255.01 K- q& k1 i, u0 y! \
# {* b( f' E- j/ t
4 u7 T; n" l; Y7 z( F$ g
interface LoopBack0
3 O+ e. x( o& h V6 |/ g0 s ip address 6.6.6.6 255.255.255.0 //模拟百度3 {: z( c3 z) H% I5 Q
#
3 P( a- a v; t) y' ]) K- gospf 22 Y$ ~& E$ m. u) d; H' g- O
area 0.0.0.0
' w: O% m" d8 z v' u network 12.1.1.0 0.0.0.255& `8 j( V3 ?2 P
network 6.6.6.0 0.0.0.255
/ [7 k3 G- a( P. r network 14.1.1.0 0.0.0.255
1 I; R' b# s1 T5 w" O * b. v3 R- G R# ]1 N3 e
R3:(模拟联通)& m0 r- V3 T. g4 g+ a/ z# B. }" u
interface GigabitEthernet0/0/1 //接入客户线路
% w* Q& n# m8 l5 J6 J3 r2 T ip address 13.1.1.2 255.255.255.0/ X' w4 g# ^0 i" s& M
#. q' M! T+ k/ H( R5 c, I4 T
interface GigabitEthernet0/0/2 //接入移动线路
. q$ E/ r0 h3 C% h/ k ip address 14.1.1.2 255.255.255.0
K- n7 f, X2 W#! x/ X c: o( U0 `) W+ H
interface LoopBack0+ V: q1 l- q6 H' e
ip address 7.7.7.7 255.255.255.0 //模拟腾讯7 @ t/ Z3 c) o
#: ?" h* G( @' p- b. R# h/ |
ospf 2% ]: k7 t$ O: c& Z: r
area 0.0.0.08 O# B2 f8 [$ w0 ^
network 13.1.1.0 0.0.0.255
/ o7 F2 @4 T/ u: s7 s8 h/ b7 F network 7.7.7.0 0.0.0.2556 `2 T9 l9 l+ D$ A' i7 C" A }
network 14.1.1.0 0.0.0.255
9 B# ~; u% K4 j
% w, H, p! ]% _9 Q2 B静态路由、NAT、ACL配置
# D/ }; e% L& n% Q& s/ |+ }* R4 d+ Z; k: j
SW1:(核心交换机)
9 d7 J& \6 w; l% Wip route-static 0.0.0.0 0.0.0.0 192.168.100.2 . Y( O, I" E E& Q
//去往路由器缺省路由,下一跳为:192.168.100.2
. W) I; z% T3 q% X* \/ p7 j r% o0 C) e# A( ]' D2 z
R1:+ T( d }* }) v
ip route-static 0.0.0.0 0.0.0.0 12.1.1.22 @' \8 D9 J$ ~7 p' }# }
//去往移动线路缺省路由,下一跳为:12.1.1.2
, ?0 E, K7 A5 `3 U0 t6 e" C) A9 xip route-static 0.0.0.0 0.0.0.0 13.1.1.2 preference 70/ G6 e. x1 M6 i$ z, o& u: O" Z! X
//去往联通线路的(备份)缺省路由,下一跳为:12.1.1.2
4 u0 t" S' ?9 n当移动线路中断,自动切换至联通线路3 q+ t8 w/ C- b$ W5 n7 k; U% h
#
6 E- S) o. d; z5 `; _acl number 2000 //创建基本ACL 2000
2 ~+ W- p h# b* L+ R2 S rule 5 permit source 192.168.0.0 0.0.255.255
7 }2 Y. F! ~1 T6 ^% @8 s! y' D8 B4 H' W //允许192.168.0.0所有网段通行) L+ F0 p" K% l: k1 K( q
# 7 ?: u& f! D. b0 h& P$ B2 J
interface GigabitEthernet0/0/1
% g1 h9 T0 h, T2 E ip address 12.1.1.1 255.255.255.0
1 N' w4 K7 `: e2 K/ ^% [- W" r nat outbound 2000
2 X3 k' o8 i* J5 v" A //NAT出接口调用ACL2000 * z( N% H7 o$ A. {5 I
#, \$ |4 J- b- U8 {
interface GigabitEthernet0/0/2
% X/ b! ~+ ~6 g# p* {" y4 J ip address 13.1.1.1 255.255.255.0
$ f' V' I5 G! X: y; X' H nat outbound 2000
% @4 X s% |# q2 u //NAT出接口调用ACL2000
. O- L' D( k, z( ^2 e
9 m8 a' v+ w* y5 c: s* Stelnet组建
: C6 d1 Y3 g2 z9 v2 U/ r
* n( J4 m- K( {8 OSW1:(核心交换机)1 z4 _; o8 m) c: P& o: ~
interface Vlanif9991 H# M& e; t) k n( w J
ip address 192.168.255.1 255.255.255.0' b3 q& I. y) O- E3 i
#9 s, c/ t3 ~$ Z8 M# `
telnet server enable //开启telent服务
6 n8 e, ~, {5 t#
7 w$ I6 `0 a/ h# W( Paaa
v' J4 M. i3 N7 \5 c* G e6 ulocal-user aa password cipher 123+ b. M8 h. H g. |+ R" t. Y
local-user aa privilege level 15 //设置aa用户级别15
U& Y/ ]7 S) tlocal-user huawei service-type telnet //设置用户可以登录telnet# e: B' z& g9 {/ m( g& L
## W) H, t, `8 @0 c2 O. E
user-interface vty 0 4 //同时满足4人登录
2 N$ n1 ~* g Q; q( W" W0 @- Aauthentication-mode aaa //认证协议aaa4 s! H" k/ f4 [3 }7 d) W
3 F. I, [' W5 o( M+ t0 y8 f
3 k: U P" q' q
SW2:(服务器汇聚交换机)
, }+ d( T/ J+ s9 Ointerface Vlanif9993 ]' A& n0 P& }" X% x/ a( C- N
ip address 192.168.255.2 255.255.255.0( P" V. V* }" O5 o8 R1 ~1 |3 y1 _
#
1 B5 P) G' g; g9 \0 ?- O6 N+ H& t) Btelnet server enable //开启telent服务
( R1 _. L c9 X; T! \5 C#
1 v+ _; J- h' Z3 j' Qtelnet服务同核心
8 V3 u% k: M: `& L6 U( y$ X#
: h! W7 k+ q, s9 o$ m2 t# iip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机
3 n; R0 P& m/ F" ?9 T0 f
5 ~3 L7 I4 S. g7 {% j, }7 {SW3:$ C& I0 C5 i3 u
interface Vlanif999
5 {5 @% I) B" ?3 D/ D ip address 192.168.255.3 255.255.255.01 a9 `' l5 a% D! m4 p
#9 C& u3 i2 U6 F" l- }& ?3 u; E5 P
telnet服务同核心
; w! s# A) n6 l7 `: y#9 F- K0 K B$ M
ip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机$ b" L5 X) j4 b1 a% o
0 F6 A/ O% e) L# g+ V( fSW4:* d* d C8 V+ }
interface Vlanif999
8 w( G' l% S. g# x6 W* {; N ip address 192.168.255.4 255.255.255.03 t- d1 k. Q. z# `( @' b
#( a9 E5 o. v4 e K W
telnet服务同核心( o: ]/ F: R9 j" J) ~
#; S; H: g! D! S3 f# E* F
ip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机8 X) Q0 b7 d0 Q2 O7 a( C/ x
, m1 I5 A" z8 B: w& l
SW7:# c+ y7 M0 L1 g5 L
interface Vlanif999: t) i X/ q3 G5 Z" \0 r- b3 w/ D
ip address 192.168.255.7 255.255.255.0: I) ?1 |$ f3 e) i+ R4 U+ j0 H" T
#
/ y; n7 }% L0 k1 L* e/ r" J+ dtelnet服务同核心
; I1 J2 R+ p- J5 O#
* ~/ \& j2 q$ e/ O$ n# Rip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机
& \9 W( B d! w3 B4 u
! G0 e/ j! w. y( F: [# ~SW8:! u, F% s, z5 z: `% ~! \4 N
interface Vlanif9996 q/ O1 Y" g: V4 S
ip address 192.168.255.8 255.255.255.0
( U0 i2 t6 N A% v$ u0 A! }#
1 {& @( P/ e _+ Jteltelnet服务同核心
8 Z7 V7 P* X) d! `; p4 V8 A#
( d+ _# k* d. g6 ^ip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机
2 [6 I S2 p6 F( S# L# ~4 a$ H- _( v8 {) e! F( e U
SW9:0 a9 ^' f m6 V% K1 n# @8 i
interface Vlanif999
' Y0 C5 a3 E' f/ w; j/ p ip address 192.168.255.9 255.255.255.0. M8 u: A9 f9 |) R" U7 b5 y: J
#4 Z, _- V, }3 a2 b- y8 p
telnet服务同核心
1 L* d: _1 ]1 U8 Q5 [% G#
. g+ I8 R+ m {4 Bip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机
" m5 g4 L& ?: I5 z1 U/ J( ?+ O7 E6 }% X }
SW10:
- N7 W. t% j. p0 m' f4 {# uinterface Vlanif999/ T# w$ a4 k3 ~5 H" O
ip address 192.168.255.10 255.255.255.04 ~4 f! ~0 @9 W" [; x7 _9 ^9 v, W4 B
#
$ ^ J( s1 p- b$ C Ctelnet服务同核心
* u* N& P% ]7 k# Q; ]; h#0 R: J) E5 Z- B: f9 T
ip route-static 0.0.0.0 0 192.168.255.1 //管理VLAN回包缺省路由,下一跳核心交换机
1 D: s$ d* V' l: j: q" X+ P: J, J1 d/ y2 T8 d$ [& d7 ]
ACL控制7 A$ q- U/ F6 g9 }6 W& ^
1 O7 r# Q# g' _( N
acl 3000 //启用高级ACL
, i: ]$ R3 j7 \8 W# Nrule deny ip source 192.168.30.0 0.0.0.255 destination 192.168
# U8 B/ F' z/ u* E$ P& P9 w1 @ g5 a.200.4 0
- ?6 I+ F: e! |2 y' P' g; I//拒绝源IP为192.168.30.0网段的用户到达目的为192.168.200.4
2 m/ x1 l; D6 [traffic-filter vlan 30 inbound acl 3000( {6 j; J/ D) z) _; \7 n) y
//vlan 30 入口启用 ACL 3000 规则
& | T7 f. m; w; s$ H
3 P- z9 v# T- N7 B; a( ~# _! Q6 F* J: w3 M
|
评分
-
查看全部评分
|
所有IT类厂商认证考试题库下载
【新盟教育】2023最新华为HCIA全套视频合集【网工基础全覆盖】---国sir公开课合集
【新盟教育】网工小白必看的!2023最新版华为认证HCIA Datacom零基础全套实战课
原创_超融合自动化运维工具cvTools
重量级~~30多套JAVA就业班全套 视频教程(请尽快下载,链接失效后不补)
链接已失效【超过几百G】EVE 国内和国外镜像 全有了 百度群分享
某linux大佬,积累多年的电子书(约300本)
乾颐堂现任明教教主Python完整版
乾颐堂 教主技术进化论 2018-2019年 最新31-50期合集视频(各种最新技术杂谈视频)
Python学习视频 0起点视频 入门到项目实战篇 Python3.5.2视频教程 共847集 能学102天
约21套Python视频合集 核心基础视频教程(共310G,已压缩)
最新20180811录制 IT爱好者-清风羽毛 - 网络安全IPSec VPN实验指南视频教程
最新20180807录制EVE开机自启动虚拟路由器并桥接物理网卡充当思科路由器
[复制链接]
