华为ensp园区网络设计与实施

  

1.企业背景

2.项目具体要求

3. 实验拓扑及规划

3.1 网络拓扑结构图

3.2 网络设备命名与设备连接表

3.3 IP地址规划

3.4 VLAN规划表

4. 开启telnet管理功能

4.1 开启路由器telnet:

4.2 开启交换机telnet:

5. 配置端口聚合

6. 配置网关冗余VRRP

6.1 配置VRRP与接口状态联动

7. 配置单臂路由

8. 配置DHCP服务

8.1 配置DHCP全局地址池

8.2 配置DHCP中继

8.3 配置DHCP Snooping+IPSG+DAL

9. 配置生成树MSTP协议

10. 配置OSPF

10.1 配置OSPF边缘端口

11. 配置默认路由

12. 配置NAT· 

12.1 动态地址转换·

12.2 NAT Server

13. 配置ACL访问控制列表

14. 各设备的运行配置列表

14.1 路由器:

14.1.1 CJ15net24_zb_R_1 配置文件: 

14.1.2 CJ15net24_fb1_R_2 配置文件: 

14.1.3 CJ15net24_fb2_R_3 配置文件: 

14.1.4 CJ15net24_out_R_4 配置文件: 

14.2 三层交换机:

14.2.1 CJ15net24_zb_SW_1 配置文件: 

14.2.2 CJ15net24_zb_SW_2 配置文件: 

14.3.3 CJ15net24_fwq_SW_7 配置文件:

14.3 二层交换机:

14.3.1 CJ15net24_zb_SW_3 配置文件: 

14.3.2 CJ15net24_zb_SW_4 配置文件: 

14.3.3 CJ15net24_zb_SW_5 配置文件: 

14.3.4 CJ15net24_zb_SW_6 配置文件: 

14.3.5 CJ15net24_fb1_SW_9 配置文件: 

14.3.6 CJ15net24_fb2_SW_10 配置文件: 

14.4 服务器:

14.4.1 CJ15net24_fwq_DHCP配置文件

园区网络设计与实施文档

1.企业背景

某集团经过业务发展,总公司在广州市体育中心附近,在海珠区和白云区有二个分公司,为了实现快捷的信息交流和资源共享,需要构建统一网络,整合公司所有相关业务流程。总公司采用双核心的网络架构模式,采用专线接入互联网,二个分公司分别租用二条专线光纤线路进行连接,特向ISP供应商取得如下公网IP地址:202.16.10.5~20/27,现要求组建网络,总体要求如下:

    1. 保证整个网络的稳定性、可靠性。
    2. 各单位部门能通过地址转换连接上互联网。
    3. 各部门划分VLAN,只有经理室才能访问分公司。
    4. 要求集团各部门能通过FTP服务器进行文件传输。
    5. 内网和外网均能访问公司的主页。

2.项目具体要求

  • 画出总的拓扑结构图
  • 作出具体IP地址规划和VLAN规划
  • 写出网络设备连接表
  • 给所有的设备进行命名,命令规则:姓名01_部门简称_设备名_编号
  • 在所有设备上开启 telnet 管理功能,管理设备使用 cjnet做为用户名,口令为 telnet123
  • 总部的交换网络中,在两台三层核心交换机通过端口聚合进行冗余备份,各交换机间采用MSTP,核心交换机作为根桥,并作流量均衡。
  • 全网采用专门的DHCP服务器进行IP统一分配。
  • 全公司均能访问FTP服务器和WEB服务器。
  • 总公司各部门均能相互访问,分公司各部门亦能相互访问,但只有总公司的经理部能访问公司各部门的数据。
  • 制作网络工程实施文档以供查阅与维护。

3. 实验拓扑及规划

3.1 网络拓扑结构图

根据项目要求绘制网络拓扑结构图,如图3.1所示:

 

3.1 网络拓扑结构图

3.2 网络设备命名与设备连接表

根据网络拓扑结构图绘制网络设备命名与设备连接表,如表1所示:

表1  设备命名与设备连接表

部门名称

设备名称

互联接口

连接至

设备名称

互联接口

网络中心

LJY27_zb_LSW1

G0/0/1

LJY27_zb_AR1

G0/0/1

G0/0/2

LJY27_jlb_LSW3

G0/0/1

G0/0/3

LJY27_cwb_LSW4

G0/0/1

G0/0/4

LJY27_rsb_LSW5

G0/0/1

G0/0/5

LJY27_kfb_LSW6

G0/0/1

G0/0/21

LJY27_zb_LSW2

G0/0/21

G0/0/22

LJY27_zb_LSW2

G0/0/22

G0/0/23

LJY27_zb_LSW2

G0/0/23

G0/0/24

LJY27_zb_LSW2

G0/0/24

LJY27_zb_LSW2

G0/0/2

LJY27_zb_AR1

G0/0/2

G0/0/3

LJY27_jlb_LSW3

G0/0/2

G0/0/4

LJY27_cwb_LSW4

G0/0/2

G0/0/5

LJY27_rsb_LSW5

G0/0/2

G0/0/6

LJY27_kfb_LSW6

G0/0/2

G0/0/21

LJY27_zb_LSW1

G0/0/21

G0/0/22

LJY27_zb_LSW1

G0/0/22

G0/0/23

LJY27_zb_LSW1

G0/0/23

G0/0/24

LJY27_zb_LSW1

G0/0/24

LJY27_zb_AR1

S1/0/0

AR4

S1/0/0

G4/0/0

LJY27_fgs_AR2

G0/0/0

G4/0/1

LJY27_fgs2_AR3

G0/0/1

G0/0/1

LJY27_zb_LSW1

G0/0/1

G0/0/2

LJY27_zb_LSW2

G0/0/2

G0/0/0

LJY27_fwq_LSW7

G0/0/1

LJY27_jlb_LSW3

G0/0/1

LJY27_zb_LSW1

G0/0/2

G0/0/2

LJY27_zb_LSW2

G0/0/3

E0/0/1

LJY27_jlb_PC3

E0/0/1

LJY27_cwb_LSW4

G0/0/1

LJY27_zb_LSW1

G0/0/3

G0/0/2

LJY27_zb_LSW2

G0/0/4

E0/0/1

LJY27_cwb_PC4

E0/0/1

LJY27_rsb_LSW5

G0/0/1

LJY27_zb_LSW1

G0/0/4

G0/0/2

LJY27_zb_LSW2

G0/0/5

E0/0/1

LJY27_rsb_PC5

E0/0/1

LJY27_kfb_LSW6

G0/0/1

LJY27_zb_LSW1

G0/0/5

G0/0/2

LJY27_zb_LSW2

G0/0/6

E0/0/1

LJY27_kfb_PC6

E0/0/1

LJY27_fwq_LSW7

G0/0/4

LJY27_fwq_FTP

E0/0/0

G0/0/3

LJY27_fwq_HTTP

E0/0/0

G0/0/2

LJY27_fwq_DHCP

G0/0/0

G0/0/1

LJY27_zb_AR1

G0/0/0

LJY27_fgs_AR2

G0/0/0

LJY27_zb_AR1

G4/0/0

G0/0/1

LJY27_fgs_LSW9

G0/0/1

LJY27_fgs2_AR3

G0/0/1

LJY27_zb_AR1

G4/0/1

G0/0/2

LJY27_fgs2_LSW10

G0/0/2

LJY27_fgs_LSW9

G0/0/1

LJY27_fgs_AR2

G0/0/1

E0/0/1

LJY27_xsb_PC1

E0/0/1

E0/0/2

LJY27_glb_PC2

E0/0/1

LJY27_fgs2_LSW10

G0/0/2

LJY27_fgs2_AR3

G0/0/2

E0/0/1

LJY27_xsb2_PC7

E0/0/1

E0/0/2

LJY27_glb2_PC8

E0/0/1

外网

AR4

S1/0/0

LJY27_zb_AR1

S1/0/0

网络中心

LJY27_xsb_PC1

E0/0/1

LJY27_fgs_LSW9

E0/0/1

LJY27_glb_PC2

E0/0/1

LJY27_fgs_LSW9

E0/0/2

LJY27_jlb_PC3

E0/0/1

LJY27_jlb_LSW3

E0/0/1

LJY27__cwb_PC4

E0/0/1

LJY27_cwb_LSW4

E0/0/1

LJY27_rsb_PC5

E0/0/1

LJY27_rsb_LSW5

E0/0/1

LJY27_kfb_PC6

E0/0/1

LJY27_kfb_LSW6

E0/0/1

LJY27_fwq_DHCP

G0/0/0

LJY27_fwq_LSW7

G0/0/2

LJY27_fwq_HTTP

E0/0/0

LJY27_fwq_LSW7

G0/0/3

LJY27_fwq_FTP

E0/0/0

LJY27_fwq_LSW7

G0/0/4

LJY27_xsb2_PC7

E0/0/1

LJY27_fgs2_LSW10

E0/0/1

LJY27_glb2_PC8

E0/0/1

LJY27_fgs2_LSW10

E0/0/2

3.3 IP地址规划

根据网络拓扑结构图绘制IP地址规划表,如表2所示:

表2  设备IP地址规划表

部门名称

设备名称

接口

IP地址

子网掩码

总部

LJY27_zb_AR1

G4/0/0

10.10.20.2

30

G4/0/1

10.10.10.1

30

G0/0/1

10.10.30.1

30

G0/0/2

10.10.40.1

30

G0/0/0

10.10.50.1

30

S1/0/0

202.16.10.20

27

LJY27_zb_LSW1

G0/0/1

10.10.30.2

30

G0/0/2

192.27.10.252

24

G0/0/3

192.27.20.252

24

G0/0/4

192.27.30.253

24

G0/0/5

192.27.40.253

24

LJY27_zb_LSW2

G0/0/2

10.10.40.2

30

G0/0/3

192.27.10.253

24

G0/0/4

192.27.20.253

24

G0/0/5

192.27.30.252

24

G0/0/6

192.27.40.252

24

服务区

LJY27_fwq_LSW7

G0/0/1

10.10.50.2

30

G0/0/0/2-4

172.16.1.254

24

分公司1

LJY27_fgs_AR2

G0/0/0

10.10.20.1

30

G0/0/1.100

192.27.100.254

24

G0/0/1.110

192.27.110.254

24

分公司2

LJY27_fgs2_AR3

G0/0/1

10.10.10.2

30

G0/0/2.200

192.27.200.254

24

G0/0/2.210

192.27.210.254

24

外网

AR4

S1/0/0

202.16.10.1

27

3.4 VLAN规划表

根据项目要求制作VLAN规划表,如表3所示:

表3  Vlan规划表

序号

部门名称

VLAN编号

VLAN名称

IP地址

子网掩码

备注

1

经理部

10

Jingli

DHCP自动获取

255.255.255.0

网关:192.168.10.254

2

财务部

20

DHCP自动获取

255.255.255.0

192.168.20.254

3

人事部

30

DHCP自动获取

255.255.255.0

192.168.30.254

4

开发部

40

DHCP自动获取

255.255.255.0

192.168.40.254

5

管理部1

100

DHCP自动获取

255.255.255.0

192.168.100.254

6

销售部1

110

DHCP自动获取

255.255.255.0

192.168.110.254

7

管理部2

200

DHCP自动获取

255.255.255.0

192.168.200.254

8

销售部2

210

DHCP自动获取

255.255.255.0

192.168.210.254

9

分公司2AR3

10

10.10.10.2

255.255.255.252

10

分公司1AR2

20

10.10.20.1

255.255.255.252

11

zbAR1-SW1

70

10.10.30.2

255.255.255.252

12

zbAR1-SW2

80

10.10.40.2

255.255.255.252

13

服务器区

50

10.10.50.2

255.255.255.252

14

管理vlan

15

互联vlan

4. 开启telnet管理功能

开启设备的telnet管理功能,并为交换机配置管理IP(交换机使用vlan 1做管理vlan),实现远程登录控制网络设备。

配置过程:

4.1 开启路由器telnet:

LJY27_zb_AR1:

<LJY27_zb_AR1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_AR1]telnet server enable

 Error: TELNET server has been enabled

[LJY27_zb_AR1]user-interface vty 0 4

[LJY27_zb_AR1-ui-vty0-4]authentication-mode aaa

[LJY27_zb_AR1-ui-vty0-4]aaa

[LJY27_zb_AR1-aaa]local-user cjnet password cipher telnet123

Info: Add a new user.

[LJY27_zb_AR1-aaa]user-interface vty 0 4

[LJY27_zb_AR1-ui-vty0-4]authentication-mode aaa

[LJY27_zb_AR1-ui-vty0-4]user privilege level 15 [LJY27_zb_AR1-ui-vty0-4]

LJY27_fgs_AR2:

<LJY27_fgs_AR2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs_AR2]telnet server enable

 Error: TELNET server has been enabled

[LJY27_fgs_AR2]user-interface vty 0 4

[LJY27_fgs_AR2-ui-vty0-4]authentication-mode aaa

[LJY27_fgs_AR2-ui-vty0-4]aaa

[LJY27_fgs_AR2-aaa]local-user cjnet password cipher telnet123

Info: Add a new user.

[LJY27_fgs_AR2]user-interface vty 0 4

[LJY27_fgs_AR2-ui-vty0-4]user privilege level 15

[LJY27_fgs_AR2-ui-vty0-4]authentication-mode aaa

LJY27_fgs2_AR3:

<LJY27_fgs2_AR3>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs2_AR3]telnet server enable

 Error: TELNET server has been enabled

[LJY27_fgs2_AR3]user-interface vty 0 4

[LJY27_fgs2_AR3-ui-vty0-4]authentication-mode aaa

[LJY27_fgs2_AR3-ui-vty0-4]aaa

[LJY27_fgs2_AR3-aaa]local-user cjnet password cipher telnet123

Info: Add a new user.

[LJY27_fgs2_AR3-aaa]user-interface vty 0 4

[LJY27_fgs2_AR3-ui-vty0-4]user privilege level 15

[LJY27_fgs2_AR3-ui-vty0-4]authentication-mode aaa

[LJY27_fgs2_AR3-ui-vty0-4]

4.2 开启交换机telnet:

LJY27_zb_LSW1:

<LJY27_zb_LSW1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW1]telnet server enable

Info: The Telnet server has been enabled.

[LJY27_zb_LSW1]user-interface vty 0 4

[LJY27_zb_LSW1-ui-vty0-4]protocol inbound telnet

[LJY27_zb_LSW1-ui-vty0-4]authentication-mode aaa

[LJY27_zb_LSW1-ui-vty0-4]aaa

[LJY27_zb_LSW1-aaa]local-user cjnet password cipher telnet123

Info: Add a new user.

[LJY27_zb_LSW1-aaa]local-user cjnet privilege level 15

[LJY27_zb_LSW1-aaa]local-user cjnet service-type telnet

LJY27_zb_LSW2:

<LJY27_zb_LSW2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW2]telnet server enable

Info: The Telnet server has been enabled.

[LJY27_zb_LSW2]user-interface vty 0 4

[LJY27_zb_LSW2-ui-vty0-4]protocol inbound telnet

[LJY27_zb_LSW2-ui-vty0-4]authentication-mode aaa

[LJY27_zb_LSW2-ui-vty0-4]aaa

[LJY27_zb_LSW2-aaa]local-user cjnet password cipher telnet123

Info: Add a new user.

[LJY27_zb_LSW2-aaa]local-user cjnet privilege level 15

[LJY27_zb_LSW2-aaa]local-user cjnet service-type telnet

LJY27_fwq_LSW7:

<LJY27_fwq_LSW7>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_LSW7]telnet server enable

Info: The Telnet server has been enabled.

[LJY27_fwq_LSW7]user-interface vty 0 4

[LJY27_fwq_LSW7-ui-vty0-4]protocol inbound telnet

[LJY27_fwq_LSW7-ui-vty0-4]authentication-mode aaa

[LJY27_fwq_LSW7-ui-vty0-4]local-user cjnet password cipher telnet123

[LJY27_fwq_LSW7-ui-vty0-4]aaa

[LJY27_fwq_LSW7-aaa]local-user cjnet password cipher telnet123

Info: Add a new user.

[LJY27_fwq_LSW7-aaa]local-user cjnet privilege level 15

[LJY27_fwq_LSW7-aaa]local-user cjnet service-type telnet

5. 配置端口聚合

采用链路聚合技术可以在不进行硬件升级的条件下,通过将多个物理接口捆绑为一个逻辑接口,达到增加链路带宽的目的。在实现增大带宽目的的同时,链路聚合采用备份链路的机制,可以有效的提高设备之间链路的可靠性。

LJY27_zb_LSW1:

<LJY27_zb_LSW1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW1]int Eth-Trunk 1

[LJY27_zb_LSW1-Eth-Trunk1]trunkport g0/0/21

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW1-Eth-Trunk1]trunkport g0/0/22

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW1-Eth-Trunk1]trunkport g0/0/23

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW1-Eth-Trunk1]trunkport g0/0/24

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW1-Eth-Trunk1]port link-type trunk

[LJY27_zb_LSW1-Eth-Trunk1]port trunk allow-pass vlan all

LJY27_zb_LSW2:

<LJY27_zb_LSW2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW2]int Eth-Trunk 1

[LJY27_zb_LSW2-Eth-Trunk1]trunkport g0/0/21

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW2-Eth-Trunk1]trunkport g0/0/22

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW2-Eth-Trunk1]trunkport g0/0/23

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW2-Eth-Trunk1]trunkport g0/0/24

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW2-Eth-Trunk1]port link-type trunk

[LJY27_zb_LSW2-Eth-Trunk1]port trunk allow-pass vlan all

核心交换机冗余备份

Vrrp mstp在其他地方配置了

7. 配置单臂路由

分公司1

LJY27_fgs_AR2

[LJY27_fgs_AR2]int g0/0/1.100

[LJY27_fgs_AR2-GigabitEtherne0/0/1.100]ip add 192.27.100.254 24

[LJY27_fgs_AR2-GigabitEtherne0/0/1.100]dot1q termination vid 100

[LJY27_fgs_AR2-GigabitEthernet0/0/1.100]arp broadcast enable

[LJY27_fgs_AR2-GigabitEthernet0/0/0.10]int g0/0/1.110

[LJY27_fgs_AR2-GigabitEthernet0/0/1.110]ip add 192.27.110.254 24

[LJY27_fgs_AR2-GigabitEthernet0/0/1.110]dot1q termination vid 110

[LJY27_fgs_AR2-GigabitEthernet0/0/1.110]arp broadcast enable

LJY27_fgs_LSW9:   

[LJY27_fgs_LSW9]vlan 100

[LJY27_fgs_LSW9-vlan100]vlan 110

[LJY27_fgs_LSW9]int e0/0/1

[LJY27_fgs_LSW9-Ethernet0/0/1]port link-type access  

[LJY27_fgs_LSW9-Ethernet0/0/1]port default vlan 100 

[LJY27_fgs_LSW9]int e0/0/2           

[LJY27_fgs_LSW9-Ethernet0/0/2]port link-type access

[LJY27_fgs_LSW9-Ethernet0/0/2]port default vlan 110

[LJY27_fgs_LSW9]int g0/0/3            

[LJY27_fgs_LSW9-GigabitEthernet0/0/1]port link-type trunk   

[LJY27_fgs_LSW9- GigabitEthernet0/0/1]port trunk allow-pass vlan 100 110

分公司2

LJY27_fgs2_AR3:

[LJY27_fgs2_AR3]int g0/0/2.200

[LJY27_fgs2_AR3-GigabitEtherne0/0/2.200]ip add 192.27.200.254 24

[LJY27_fgs2_AR3-GigabitEtherne0/0/2.200]dot1q termination vid 200

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.200]arp broadcast enable

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.210]int g0/0/2.210

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.210]]ip add 192.27.210.254 24

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.210]]dot1q termination vid 210

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.210]]arp broadcast enable

LJY27_fgs2_LSW10:   

[LJY27_fgs2_LSW10]vlan 200

[LJY27_fgs2_LSW10-vlan200]vlan 210

[LJY27_fgs2_LSW10]int e0/0/1

[LJY27_fgs2_LSW10-Ethernet0/0/1]port link-type access  

[LJY27_fgs2_LSW10-Ethernet0/0/1]port default vlan 200 

[LJY27_fgs2_LSW10]int e0/0/2           

[LJY27_fgs2_LSW10-Ethernet0/0/2]port link-type access

[LJY27_fgs2_LSW10-Ethernet0/0/2]port default vlan 210

[LJY27_fgs2_LSW10]int g0/0/2            

[LJY27_fgs2_LSW10-GigabitEthernet0/0/2]port link-type trunk   

[LJY27_fgs2_LSW10- GigabitEthernet0/0/2]port trunk allow-pass vlan 200 210

8. 配置DHCP服务

LJY27_fwq_DHCP

配置分公司1

[LJY27_fwq_DHCP]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LJY27_fwq_DHCP]ip pool fgs1

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-fgs1]network 192.27.100.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-fgs1]network 192.27.110.0 mask 255.255.255.0

Error:Please delete the network section first.

[LJY27_fwq_DHCP-ip-pool-fgs1]gateway-list 192.27.100.254

[LJY27_fwq_DHCP]ip pool fgs1glb1

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-fgs1glb1]network 192.27.110.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-fgs1glb1]gateway-list 192.27.110.254

配置分公司2:

<LJY27_fwq_DHCP>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_DHCP]ip pool fgs2xsb2

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-fgs2xsb2]network 192.27.200.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-fgs2xsb2]gateway-list 192.27.200.254

[LJY27_fwq_DHCP-ip-pool-fgs2xsb2]ip pool fgs2glb2

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-fgs2glb2]network 192.27.210.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-fgs2glb2]gateway-list 192.27.210.254

配置分公司1销售部1

<LJY27_fgs_AR2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs_AR2]dhcp en

[LJY27_fgs_AR2]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LJY27_fgs_AR2]int g0/0/1.100

[LJY27_fgs_AR2-GigabitEthernet0/0/1.100]dhcp select relay

[LJY27_fgs_AR2-GigabitEthernet0/0/1.100]dhcp relay server-ip 172.16.1.1

分公司1管理部1

[LJY27_fgs_AR2]int g0/0/1.110

[LJY27_fgs_AR2-GigabitEthernet0/0/1.110]dhcp select relay

[LJY27_fgs_AR2-GigabitEthernet0/0/1.110]dhcp relay server-ip 172.16.1.1

配置分公司2

<LJY27_fgs2_AR3>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs2_AR3]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LJY27_fgs2_AR3]int g0/0/2.200

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.200]dhcp select relay

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.200]dhcp relay server-ip 172.16.1.1

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.200]int g0/0/2.210

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.210]dhcp select relay

[LJY27_fgs2_AR3-GigabitEthernet0/0/2.210]dhcp relay server-ip 172.16.1.1

配置总部

<LJY27_fwq_DHCP> sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_DHCP]dhcp enable

[LJY27_fwq_DHCP]ip pool zbjlb

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-zbjlb]network 192.27.10.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-zbjlb]gateway-list 192.27.10.254

[LJY27_fwq_DHCP-ip-pool-zbjlb]excluded-ip-address 192.27.10.252 192.27.10.253

[LJY27_fwq_DHCP]ip pool zbcwb

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-zbcwb]network 192.27.20.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-zbcwb]gateway-list 192.27.20.254

[LJY27_fwq_DHCP-ip-pool-zbcwb]excluded-ip-address 192.27.20.252 192.27.20.253

[LJY27_fwq_DHCP-ip-pool-zbcwb]ip pool zbrsb

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-zbrsb]network 192.27.30.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-zbrsb]gateway-list 192.27.30.254

[LJY27_fwq_DHCP-ip-pool-zbrsb]excluded-ip-address 192.27.30.252 192.27.30.253

[LJY27_fwq_DHCP-ip-pool-zbrsb]ip pool zbkfb

Info: It's successful to create an IP address pool.

[LJY27_fwq_DHCP-ip-pool-zbkfb]network 192.27.40.0 mask 255.255.255.0

[LJY27_fwq_DHCP-ip-pool-zbkfb]gateway-list 192.27.40.254

[LJY27_fwq_DHCP-ip-pool-zbkfb]excluded-ip-address 192.27.40.252 192.27.40.253

[LJY27_fwq_DHCP-ip-pool-zbkfb]int g0/0/0

[LJY27_fwq_DHCP-GigabitEthernet0/0/0]dhcp select global

VRRP:

LJY27_zb_LSW1

<LJY27_zb_LSW1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW1]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LJY27_zb_LSW1]int vlan10

[LJY27_zb_LSW1-Vlanif10]vrrp vrid 10 virtual-ip 192.27.10.254

[LJY27_zb_LSW1-Vlanif10]vrrp vrid 1 priority 120

[LJY27_zb_LSW1-Vlanif10]dhcp sel relay

[LJY27_zb_LSW1-Vlanif10]dhcp relay server-ip 172.16.1.1

[LJY27_zb_LSW1]int vlan 20

[LJY27_zb_LSW1-Vlanif20]vrrp vrid 20 virtual-ip 192.27.20.254

[LJY27_zb_LSW1-Vlanif20]vrrp vrid 1 priority 120

[LJY27_zb_LSW1-Vlanif20]dhcp select relay

[LJY27_zb_LSW1-Vlanif20]dhcp relay server-ip 172.16.1.1

[LJY27_zb_LSW1-Vlanif20]int vlan 30

[LJY27_zb_LSW1-Vlanif30]vrrp vrid 30 virtual-ip 192.27.30.254

[LJY27_zb_LSW1-Vlanif30]dhcp select relay

[LJY27_zb_LSW1-Vlanif30]dhcp relay server-ip 172.16.1.1

[LJY27_zb_LSW1-Vlanif30]int vlan 40

[LJY27_zb_LSW1-Vlanif40]vrrp vrid 40 virtual-ip 192.27.40.254

[LJY27_zb_LSW1-Vlanif40]dhcp select relay

[LJY27_zb_LSW1-Vlanif40]dhcp relay server-ip 172.16.1.1

LJY27_zb_LSW2

<LJY27_zb_LSW2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW2]dhcp enable

Info: The operation may take a few seconds. Please wait for a moment.done.

[LJY27_zb_LSW2]int vlan 10

[LJY27_zb_LSW2-Vlanif10]vrrp vrid 10 virtual-ip 192.27.10.254

[LJY27_zb_LSW2-Vlanif10]dhcp select relay

[LJY27_zb_LSW2-Vlanif10]dhcp relay server-ip 172.16.1.1

[LJY27_zb_LSW2-Vlanif10]int vlan 20

[LJY27_zb_LSW2-Vlanif20]vrrp vrid 20 virtual-ip 192.27.20.254

[LJY27_zb_LSW2-Vlanif20]dhcp select relay

[LJY27_zb_LSW2-Vlanif20]dhcp relay server-ip 172.16.1.1

[LJY27_zb_LSW2-Vlanif20]int vlan 30

[LJY27_zb_LSW2-Vlanif30]vrrp vrid 30 virtual-ip 192.27.30.254

[LJY27_zb_LSW2-Vlanif30]vrrp vrid 1 priority 120

[LJY27_zb_LSW2-Vlanif30]dhcp select relay

[LJY27_zb_LSW2-Vlanif30]dhcp relay server-ip 172.16.1.1

[LJY27_zb_LSW2-Vlanif30]int vlan 40

[LJY27_zb_LSW2-Vlanif40]vrrp vrid 40 virtual-ip 192.27.40.254

[LJY27_zb_LSW2-Vlanif40]vrrp vrid 1 priority 120

[LJY27_zb_LSW2-Vlanif40]dhcp select relay

[LJY27_zb_LSW2-Vlanif40]dhcp relay server-ip 172.16.1.1

9. 配置生成树MSTP协议

LJY27_zb_LSW1

<LJY27_zb_LSW1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW1]stp mode mstp

[LJY27_zb_LSW1]stp region-configuration

[LJY27_zb_LSW1-mst-region]region-name huawei

[LJY27_zb_LSW1-mst-region]revision-level 1

[LJY27_zb_LSW1-mst-region]instance 1 vlan 10

[LJY27_zb_LSW1-mst-region]instance 2 vlan 20

[LJY27_zb_LSW1-mst-region]instance 3 vlan 30

[LJY27_zb_LSW1-mst-region]instance 4 vlan 40

[LJY27_zb_LSW1-mst-region]active region-configuration

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW1-mst-region]q

[LJY27_zb_LSW1]stp instance 1 root primary

[LJY27_zb_LSW1]stp instance 2 root primary

[LJY27_zb_LSW1]stp instance 3 root secondary

[LJY27_zb_LSW1]stp instance 4 root secondary

LJY27_zb_LSW2

<LJY27_zb_LSW2>

<LJY27_zb_LSW2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW2]stp mode mstp

[LJY27_zb_LSW2]stp region-configuration

[LJY27_zb_LSW2-mst-region]region-name huawei

[LJY27_zb_LSW2-mst-region]revision-level 1

[LJY27_zb_LSW2-mst-region]instance 1 vlan 10

[LJY27_zb_LSW2-mst-region]instance 2 vlan 20

[LJY27_zb_LSW2-mst-region]instance 3 vlan 30

[LJY27_zb_LSW2-mst-region]instance 4 vlan 40

[LJY27_zb_LSW2-mst-region]active region-configuration

Info: This operation may take a few seconds. Please wait for a moment...done.

[LJY27_zb_LSW2-mst-region]q

[LJY27_zb_LSW2]stp instance 1 root secondary

[LJY27_zb_LSW2]stp instance 2 root secondary

[LJY27_zb_LSW2]stp instance 3 root primary

[LJY27_zb_LSW2]stp instance 4 root primary

10. 配置OSPF

LJY27_fgs_AR2:

<LJY27_fgs_AR2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs_AR2]ospf 1

[LJY27_fgs_AR2-ospf-1]silent-interface g0/0/1.100

[LJY27_fgs_AR2-ospf-1]silent-interface g0/0/1.110

[LJY27_fgs_AR2-ospf-1]area 0

[LJY27_fgs_AR2-ospf-1-area-0.0.0.0]network 10.10.20.0 0.0.0.3

[LJY27_fgs_AR2-ospf-1-area-0.0.0.0]network 192.27.100.0 0.0.0.255

[LJY27_fgs_AR2-ospf-1-area-0.0.0.0]network 192.27.110.0 0.0.0.255

LJY27_zb_AR1:

<LJY27_zb_AR1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_AR1]ospf 1

[LJY27_zb_AR1-ospf-1]area 0

[LJY27_zb_AR1-ospf-1-area-0.0.0.0] network 10.10.20.0 0.0.0.3

[LJY27_zb_AR1-ospf-1-area-0.0.0.2] network 10.10.10.0 0.0.0.3

[LJY27_zb_AR1-ospf-1-area-0.0.0.0]network10.10.30.0 0.0.0.3

[LJY27_zb_AR1-ospf-1-area-0.0.0.0]network10.10.40.0 0.0.0.3

[LJY27_zb_AR1-ospf-1-area-0.0.0.0]network10.10.50.0 0.0.0.3

LJY27_zb_LSW1:

<LJY27_zb_LSW1> sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW1]ospf 1

[LJY27_zb_LSW1-ospf-1]silent-interface g0/0/2

[LJY27_zb_LSW1-ospf-1]silent-interface g0/0/3

[LJY27_zb_LSW1-ospf-1]silent-interface g0/0/4

[LJY27_zb_LSW1-ospf-1]silent-interface g0/0/5

[LJY27_zb_LSW1-ospf-1]area 0

[LJY27_zb_LSW1-ospf-1-area-0.0.0.0]network 10.10.30.0 0.0.0.3

[LJY27_zb_LSW1-ospf-1-area-0.0.0.0]network192.27.10.0 0.0.0.255

[LJY27_zb_LSW1-ospf-1-area-0.0.0.0]network 192.27.20.0 0.0.0.255

[LJY27_zb_LSW1-ospf-1-area-0.0.0.0]network 192.27.30.0 0.0.0.255

[LJY27_zb_LSW1-ospf-1-area-0.0.0.0]network 192.27.40.0 0.0.0.255

LJY27_zb_LSW2

<LJY27_zb_LSW2>          sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW2]ospf 1

[LJY27_zb_LSW2-ospf-1]silent-interface g0/0/3

[LJY27_zb_LSW2-ospf-1]silent-interface g0/0/4

[LJY27_zb_LSW2-ospf-1]silent-interface g0/0/5

[LJY27_zb_LSW2-ospf-1]silent-interface g0/0/6

[LJY27_zb_LSW2-ospf-1]area 0

[LJY27_zb_LSW2-ospf-1-area-0.0.0.0]network 10.10.40.0 0.0.0.3

[LJY27_zb_LSW2-ospf-1-area-0.0.0.0]network 192.27.10.0 0.0.0.255

[LJY27_zb_LSW2-ospf-1-area-0.0.0.0]network 192.27.20.0 0.0.0.255

[LJY27_zb_LSW2-ospf-1-area-0.0.0.0]network 192.27.30.0 0.0.0.255

[LJY27_zb_LSW2-ospf-1-area-0.0.0.0]network 192.27.40.0 0.0.0.255

LJY27_fwq_LSW7:

<LJY27_fwq_LSW7> sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_LSW7]ospf 1

[LJY27_fwq_LSW7-ospf-1]area 0

[LJY27_fwq_LSW7-ospf-1-area-0.0.0.0]network10.10.50.0 0.0.0.3

[LJY27_fwq_LSW7-ospf-1-area-0.0.0.0]network172.16.1.0 0.0.0.255

LJY27_fwq_DHCP:

<LJY27_fwq_DHCP>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_DHCP]ospf 1

[LJY27_fwq_DHCP-ospf-1]area 0

[LJY27_fwq_DHCP-ospf-1-area-0.0.0.0]netw

[LJY27_fwq_DHCP-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255

LJY27_fgs2_AR3:

<Huawei>sys

Enter system view, return user view with Ctrl+Z.

[Huawei]sysname LJY27_fgs2_AR3

[LJY27_fgs2_AR3]ospf 1

[LJY27_fgs2_AR3-ospf-1]silent-interface g0/0/2.200

[LJY27_fgs2_AR3-ospf-1]silent-interface g0/0/2.210

[LJY27_fgs2_AR3-ospf-1]area 2

[LJY27_fgs2_AR3-ospf-1-area-0.0.0.2] network 10.10.10.0 0.0.0.3

[LJY27_fgs2_AR3-ospf-1-area-0.0.0.2] network 192.27.200.0 0.0.0.255

[LJY27_fgs2_AR3-ospf-1-area-0.0.0.2] network 192.27.210.0 0.0.0.255

11. 配置默认路由

LJY27_fgs_AR2:

<LJY27_fgs_AR2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs_AR2]ip route-static 0.0.0.0 0.0.0.0 10.10.20.2

LJY27_fgs2_AR3:

<LJY27_fgs2_AR3>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs2_AR3]ip route-static 0.0.0.0 0.0.0.0 10.10.10.1

LJY27_fwq_DHCP:

<LJY27_fwq_DHCP>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_DHCP]ip route-static 0.0.0.0 0.0.0.0 172.16.1.254

[LJY27_fwq_LSW7]ip route-static 202.16.10.1 27 10.10.50.1

LJY27_zb_AR1:

<LJY27_zb_AR1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_AR1]ip route-static 0.0.0.0 0.0.0.0 202.16.10.1

LJY27_zb_LSW1:

<LJY27_zb_LSW1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW1]ip route-static 0.0.0.0 0.0.0.0 10.10.30.1

LJY27_zb_LSW2:

<LJY27_zb_LSW2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_LSW2]ip route-static 0.0.0.0 0.0.0.0 10.10.40.1

LJY27_fgs_AR2:

<LJY27_fgs_AR2>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs_AR2]ip route-static 0.0.0.0 0.0.0.0 10.10.20.2

LJY27_fgs2_AR3

<LJY27_fgs2_AR3>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fgs2_AR3]ip route-static 0.0.0.0 0.0.0.0 10.10.10.1

LJY27_fwq_LSW7:

<LJY27_fwq_LSW7>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_fwq_LSW7]ip route-static 0.0.0.0 0.0.0.0 10.10.50.1

AR4:

<Huawei>sys

[Huawei]ip route-static 172.16.1.0 255.255.255.0 202.16.10.5

12. 配置NAT

LJY27_zb_AR1:

<LJY27_zb_AR1>sys

Enter system view, return user view with Ctrl+Z.

[LJY27_zb_AR1]int s1/0/0

[LJY27_zb_AR1-Serial1/0/0]ip add 202.16.10.5 27

[LJY27_zb_AR1-Serial1/0/0]nat address-group 1 202.16.10.6 202.16.10.19

[LJY27_zb_AR1]acl 2001

[LJY27_zb_AR1-acl-basic-2001]rule 5 permit source 192.27.100.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 10 permit source 192.27.110.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 15 permit source 192.27.200.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 20 permit source 192.27.210.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 25 permit source 192.27.10.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 30 permit source 192.27.20.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 35 permit source 192.27.30.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]rule 40 permit source 192.27.40.0 0.0.0.25

[LJY27_zb_AR1-acl-basic-2001]rule 40 permit source 192.27.40.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2001]int s1/0/0

[LJY27_zb_AR1-Serial1/0/0]nat outbound 2001 address-group 1 no-pat

[LJY27_zb_AR1-Serial1/0/0]ip route-static 0.0.0.0 0.0.0.0 202.16.10.1

[LJY27_zb_AR1]int s1/0/0

[LJY27_zb_AR1-Serial1/0/0]nat server protocol tcp global 202.16.10.20 www inside 172.16.1.2 8080

13. 配置ACL访问控制列表

LJY27_zb_AR1

[LJY27_zb_AR1]acl 2000

[LJY27_zb_AR1-acl-basic-2000]rule 5 deny source 192.27.20.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2000]rule 10 deny source 192.27.30.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2000]rule 15 deny source 192.27.40.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2000]rule 20 permit source 192.27.10.0 0.0.0.255

[LJY27_zb_AR1-acl-basic-2000]int g4/0/0

[LJY27_zb_AR1-GigabitEthernet4/0/0]traffic-filter outbound acl 2000

[LJY27_zb_AR1-GigabitEthernet4/0/0]int g4/0/1

[LJY27_zb_AR1-GigabitEthernet4/0/1]traffic-filter outbound acl 2000

14. 各设备的运行配置列表

分公司1

LJY27_fgs_AR2

<LJY27_fgs_AR2>dis cu

[V200R003C00]

#

 sysname LJY27_fgs_AR2

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

 drop illegal-mac alarm

#

 wlan ac-global carrier id other ac id 0

#

 set cpu-usage threshold 80 restore 75

#

dhcp enable

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

 local-user cjnet password cipher %$%$0[F_!Ib<';4!Rp>F[='$Q"M:%$%$

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

 ip address 10.10.20.1 255.255.255.252

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/1.100

 dot1q termination vid 100

 ip address 192.27.100.254 255.255.255.0

 arp broadcast enable

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface GigabitEthernet0/0/1.110

 dot1q termination vid 110

 ip address 192.27.110.254 255.255.255.0

 arp broadcast enable

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ospf 1

 silent-interface GigabitEthernet0/0/1.100

 silent-interface GigabitEthernet0/0/1.110

 area 0.0.0.1

  network 10.10.20.0 0.0.0.3

  network 192.27.100.0 0.0.0.255

  network 192.27.110.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 10.10.20.2

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

 authentication-mode aaa

 user privilege level 15

user-interface vty 16 20

#

wlan ac

#

return

LJY27_fgs_LSW9

<LJY27_fgs_LSW9>

<LJY27_fgs_LSW9>dis cu

#

sysname LJY27_fgs_LSW9

#

undo info-center enable

#

vlan batch 100 110

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 100

#

interface Ethernet0/0/2

 port link-type access

 port default vlan 110

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 100 110

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

return

分公司2

LJY27_fgs2_AR3

<LJY27_fgs2_AR3>dis cu

[V200R003C00]

#

 sysname LJY27_fgs2_AR3

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

 drop illegal-mac alarm

#

 wlan ac-global carrier id other ac id 0

#

 set cpu-usage threshold 80 restore 75

#

dhcp enable

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

 local-user cjnet password cipher %$%$[Umu:,[lPOwwxi)imKu-Q'8=%$%$

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

#

interface GigabitEthernet0/0/1

 ip address 10.10.10.2 255.255.255.252

#

interface GigabitEthernet0/0/2

#

interface GigabitEthernet0/0/2.200

 dot1q termination vid 200

 ip address 192.27.200.254 255.255.255.0

 arp broadcast enable

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface GigabitEthernet0/0/2.210

 dot1q termination vid 210

 ip address 192.27.210.254 255.255.255.0

 arp broadcast enable

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface NULL0

#

ospf 1

 silent-interface GigabitEthernet0/0/2.200

 silent-interface GigabitEthernet0/0/2.210

 area 0.0.0.2

  network 10.10.10.0 0.0.0.3

  network 192.27.200.0 0.0.0.255

  network 192.27.210.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 10.10.10.1

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

 authentication-mode aaa

 user privilege level 15

user-interface vty 16 20

#

wlan ac

#

return

LJY27_fgs2_LSW10

<LJY27_fgs2_LSW10>dis cu

#

sysname LJY27_fgs2_LSW10

#

undo info-center enable

#

vlan batch 200 210

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 200

#

interface Ethernet0/0/2

 port link-type access

 port default vlan 210

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 200 210

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

return

总部

LJY27_zb_AR1

<LJY27_zb_AR1>dis cu

[V200R003C00]

#

 sysname LJY27_zb_AR1

#

 board add 0/1 2SA

 board add 0/4 4GET

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

 drop illegal-mac alarm

#

 undo info-center enable

#

 wlan ac-global carrier id other ac id 0

#

 set cpu-usage threshold 80 restore 75

#

acl number 2000 

 rule 5 deny source 192.27.20.0 0.0.0.255

 rule 10 deny source 192.27.30.0 0.0.0.255

 rule 15 deny source 192.27.40.0 0.0.0.255

 rule 20 permit source 192.27.10.0 0.0.0.255

acl number 2001 

 rule 5 permit source 192.27.100.0 0.0.0.255

 rule 10 permit source 192.27.110.0 0.0.0.255

 rule 15 permit source 192.27.200.0 0.0.0.255

 rule 20 permit source 192.27.210.0 0.0.0.255

 rule 25 permit source 192.27.10.0 0.0.0.255

 rule 30 permit source 192.27.20.0 0.0.0.255

 rule 35 permit source 192.27.30.0 0.0.0.255

 rule 40 permit source 192.27.40.0 0.0.0.255

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

 local-user cjnet password cipher %$%$1i3F4C4ho:YM4e<Y/8+7Q&4}%$%$

#

firewall zone Local

 priority 15

#

 nat address-group 1 202.16.10.6 202.16.10.19

#

interface Serial1/0/0

 link-protocol ppp

 ip address 202.16.10.5 255.255.255.224

 nat server protocol tcp global 202.16.10.20 www inside 172.16.1.2 8080

 nat outbound 2001 address-group 1 no-pat

#

interface Serial1/0/1

 link-protocol ppp

#

interface GigabitEthernet0/0/0

 ip address 10.10.50.1 255.255.255.252

#

interface GigabitEthernet0/0/1

 ip address 10.10.30.1 255.255.255.252

#

interface GigabitEthernet0/0/2

 ip address 10.10.40.1 255.255.255.252

#

interface GigabitEthernet4/0/0

 ip address 10.10.20.2 255.255.255.252

 traffic-filter outbound acl 2000

#

interface GigabitEthernet4/0/1

 ip address 10.10.10.1 255.255.255.252

 traffic-filter outbound acl 2000

#

interface GigabitEthernet4/0/2

#

interface GigabitEthernet4/0/3

#

interface NULL0

#

ospf 1

 area 0.0.0.0

  network 10.10.30.0 0.0.0.3

  network 10.10.40.0 0.0.0.3

  network 10.10.50.0 0.0.0.3

 area 0.0.0.1

  network 10.10.20.0 0.0.0.3

 area 0.0.0.2

  network 10.10.10.0 0.0.0.3

#

ip route-static 0.0.0.0 0.0.0.0 202.16.10.1

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

 authentication-mode aaa

 user privilege level 15

user-interface vty 16 20

#

wlan ac

#

return

LJY27_zb_LSW1

<LJY27_zb_LSW1>dis cu

#

sysname LJY27_zb_LSW1

#

undo info-center enable

#

vlan batch 10 20 30 40 70

#

stp instance 1 root primary

stp instance 2 root primary

stp instance 3 root secondary

stp instance 4 root secondary

#

cluster enable

ntdp enable

ndp enable

#

undo nap slave enable

#

drop illegal-mac alarm

#

dhcp enable

#

diffserv domain default

#

stp region-configuration

 region-name huawei

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 instance 4 vlan 40

 active region-configuration

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

 local-user cjnet password cipher >:@7=5T:*&II>,Z,88J:Q!!

 local-user cjnet privilege level 15

 local-user cjnet service-type telnet

#

interface Vlanif1

#

interface Vlanif10

 ip address 192.27.10.252 255.255.255.0

 vrrp vrid 10 virtual-ip 192.27.10.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif20

 ip address 192.27.20.252 255.255.255.0

 vrrp vrid 20 virtual-ip 192.27.20.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif30

 ip address 192.27.30.253 255.255.255.0

 vrrp vrid 30 virtual-ip 192.27.30.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif40

 ip address 192.27.40.253 255.255.255.0

 vrrp vrid 40 virtual-ip 192.27.40.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif70

 ip address 10.10.30.2 255.255.255.252

#

interface MEth0/0/1

#

interface Eth-Trunk1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 70

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/3

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/4

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/5

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/6

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

 eth-trunk 1

#

interface GigabitEthernet0/0/22

 eth-trunk 1

#

interface GigabitEthernet0/0/23

 eth-trunk 1

#

interface GigabitEthernet0/0/24

 eth-trunk 1

#

interface NULL0

#

ospf 1

 silent-interface GigabitEthernet0/0/2

 silent-interface GigabitEthernet0/0/3

 silent-interface GigabitEthernet0/0/4

 silent-interface GigabitEthernet0/0/5

 area 0.0.0.0

  network 10.10.30.0 0.0.0.3

  network 192.27.10.0 0.0.0.255

  network 192.27.20.0 0.0.0.255

  network 192.27.30.0 0.0.0.255

  network 192.27.40.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 10.10.30.1

#

user-interface con 0

user-interface vty 0 4

 authentication-mode aaa

#

return

LJY27_zb_LSW2

<LJY27_zb_LSW2>dis cu

#

sysname LJY27_zb_LSW2

#

undo info-center enable

#

vlan batch 10 20 30 40 80

#

stp instance 1 root secondary

stp instance 2 root secondary

stp instance 3 root primary

stp instance 4 root primary

#

cluster enable

ntdp enable

ndp enable

#

undo nap slave enable

#

drop illegal-mac alarm

#

dhcp enable

#

diffserv domain default

#

stp region-configuration

 region-name huawei

 revision-level 1

 instance 1 vlan 10

 instance 2 vlan 20

 instance 3 vlan 30

 instance 4 vlan 40

 active region-configuration

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

 local-user cjnet password cipher >:@7=5T:*&II>,Z,88J:Q!!

 local-user cjnet privilege level 15

 local-user cjnet service-type telnet

#

interface Vlanif1

#

interface Vlanif10

 ip address 192.27.10.253 255.255.255.0

 vrrp vrid 10 virtual-ip 192.27.10.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif20

 ip address 192.27.20.253 255.255.255.0

 vrrp vrid 20 virtual-ip 192.27.20.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif30

 ip address 192.27.30.252 255.255.255.0

 vrrp vrid 30 virtual-ip 192.27.30.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif40

 ip address 192.27.40.252 255.255.255.0

 vrrp vrid 40 virtual-ip 192.27.40.254

 dhcp select relay

 dhcp relay server-ip 172.16.1.1

#

interface Vlanif80

 ip address 10.10.40.2 255.255.255.252

#

interface MEth0/0/1

#

interface Eth-Trunk1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

 port link-type access

 port default vlan 80

#

interface GigabitEthernet0/0/3

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/4

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/5

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/6

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

 eth-trunk 1

#

interface GigabitEthernet0/0/22

 eth-trunk 1

#

interface GigabitEthernet0/0/23

 eth-trunk 1

#

interface GigabitEthernet0/0/24

 eth-trunk 1

#

interface NULL0

#

ospf 1

 silent-interface GigabitEthernet0/0/3

 silent-interface GigabitEthernet0/0/4

 silent-interface GigabitEthernet0/0/5

 silent-interface GigabitEthernet0/0/6

 area 0.0.0.0

  network 10.10.40.0 0.0.0.3

  network 192.27.10.0 0.0.0.255

  network 192.27.20.0 0.0.0.255

  network 192.27.30.0 0.0.0.255

  network 192.27.40.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 10.10.40.1

#

user-interface con 0

user-interface vty 0 4

 authentication-mode aaa

#

return

LJY27_jlb_LSW3

<LJY27_jlb_LSW3>dis cu

#

sysname LJY27_jlb_LSW3

#

undo info-center enable

#

vlan batch 10

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 10

#

interface Ethernet0/0/2

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

return

LJY27_cwb_LSW4

<LJY27_cwb_LSW4>dis cu

#

sysname LJY27_cwb_LSW4

#

vlan batch 20

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 20

#

interface Ethernet0/0/2

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

return

LJY27_rsb_LSW5

<LJY27_rsb_LSW5>dis cu

#

sysname LJY27_rsb_LSW5

#

undo info-center enable

#

vlan batch 30

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 30

#

interface Ethernet0/0/2

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

return

LJY27_kfb_LSW6

<LJY27_kfb_LSW6>dis cu

#

sysname LJY27_kfb_LSW6

#

undo info-center enable

#

vlan batch 40

#

cluster enable

ntdp enable

ndp enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

#

interface Vlanif1

#

interface MEth0/0/1

#

interface Ethernet0/0/1

 port link-type access

 port default vlan 40

#

interface Ethernet0/0/2

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

#

interface Ethernet0/0/5

#

interface Ethernet0/0/6

#

interface Ethernet0/0/7

#

interface Ethernet0/0/8

#

interface Ethernet0/0/9

#

interface Ethernet0/0/10

#

interface Ethernet0/0/11

#

interface Ethernet0/0/12

#

interface Ethernet0/0/13

#

interface Ethernet0/0/14

#

interface Ethernet0/0/15

#

interface Ethernet0/0/16

#

interface Ethernet0/0/17

#

interface Ethernet0/0/18

#

interface Ethernet0/0/19

#

interface Ethernet0/0/20

#

interface Ethernet0/0/21

#

interface Ethernet0/0/22

#

interface GigabitEthernet0/0/1

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

 port link-type trunk

 port trunk allow-pass vlan 2 to 4094

#

interface NULL0

#

user-interface con 0

user-interface vty 0 4

#

Return

服务器

LJY27_fwq_LSW7

<LJY27_fwq_LSW7>dis cu

#

sysname LJY27_fwq_LSW7

#

undo info-center enable

#

vlan batch 50 60

#

cluster enable

ntdp enable

ndp enable

#

undo nap slave enable

#

drop illegal-mac alarm

#

diffserv domain default

#

drop-profile default

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

 local-user cjnet password cipher >:@7=5T:*&II>,Z,88J:Q!!

 local-user cjnet privilege level 15

 local-user cjnet service-type telnet

#

interface Vlanif1

#

interface Vlanif50

 ip address 10.10.50.2 255.255.255.252

#

interface Vlanif60

 ip address 172.16.1.254 255.255.255.0

#

interface MEth0/0/1

#

interface GigabitEthernet0/0/1

 port link-type access

 port default vlan 50

#

interface GigabitEthernet0/0/2

 port link-type access

 port default vlan 60

#

interface GigabitEthernet0/0/3

 port link-type access

 port default vlan 60

#

interface GigabitEthernet0/0/4

 port link-type access

 port default vlan 60

#

interface GigabitEthernet0/0/5

#

interface GigabitEthernet0/0/6

#

interface GigabitEthernet0/0/7

#

interface GigabitEthernet0/0/8

#

interface GigabitEthernet0/0/9

#

interface GigabitEthernet0/0/10

#

interface GigabitEthernet0/0/11

#

interface GigabitEthernet0/0/12

#

interface GigabitEthernet0/0/13

#

interface GigabitEthernet0/0/14

#

interface GigabitEthernet0/0/15

#

interface GigabitEthernet0/0/16

#

interface GigabitEthernet0/0/17

#

interface GigabitEthernet0/0/18

#

interface GigabitEthernet0/0/19

#

interface GigabitEthernet0/0/20

#

interface GigabitEthernet0/0/21

#

interface GigabitEthernet0/0/22

#

interface GigabitEthernet0/0/23

#

interface GigabitEthernet0/0/24

#

interface NULL0

#

ospf 1

 area 0.0.0.0

  network 10.10.50.0 0.0.0.3

  network 172.16.1.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 10.10.50.1

ip route-static 202.16.10.0 255.255.255.224 10.10.50.1

#

user-interface con 0

user-interface vty 0 4

 authentication-mode aaa

#

return

LJY27_fwq_DHCP

<LJY27_fwq_DHCP>dis cu

[V200R003C00]

#

 sysname LJY27_fwq_DHCP

#

 snmp-agent local-engineid 800007DB03000000000000

 snmp-agent

#

 clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

 drop illegal-mac alarm

#

 undo info-center enable

#

 wlan ac-global carrier id other ac id 0

#

 set cpu-usage threshold 80 restore 75

#

dhcp enable

#

ip pool fgs1

 gateway-list 192.27.100.254

 network 192.27.100.0 mask 255.255.255.0

#

ip pool fgs1glb1

 gateway-list 192.27.110.254

 network 192.27.110.0 mask 255.255.255.0

#

ip pool fgs2xsb2

 gateway-list 192.27.200.254

 network 192.27.200.0 mask 255.255.255.0

#

ip pool fgs2glb2

 gateway-list 192.27.210.254

 network 192.27.210.0 mask 255.255.255.0

#

ip pool zbjlb

 gateway-list 192.27.10.254

 network 192.27.10.0 mask 255.255.255.0

 excluded-ip-address 192.27.10.252 192.27.10.253

#

ip pool zbcwb

 gateway-list 192.27.20.254

 network 192.27.20.0 mask 255.255.255.0

 excluded-ip-address 192.27.20.252 192.27.20.253

#

ip pool zbrsb

 gateway-list 192.27.30.254

 network 192.27.30.0 mask 255.255.255.0

 excluded-ip-address 192.27.30.252 192.27.30.253

#

ip pool zbkfb

 gateway-list 192.27.40.254

 network 192.27.40.0 mask 255.255.255.0

 excluded-ip-address 192.27.40.252 192.27.40.253

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

 local-user admin service-type http

#

firewall zone Local

 priority 15

#

interface GigabitEthernet0/0/0

 ip address 172.16.1.1 255.255.255.0

 dhcp select global

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ospf 1

 area 0.0.0.0

  network 172.16.1.0 0.0.0.255

#

ip route-static 0.0.0.0 0.0.0.0 172.16.1.254

#

user-interface con 0

 authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

单纯想公司内网全网通的配置步骤:

配置端口聚合配置网关冗余VRRP配置单臂路由配置DHCP服务配置生成树MSTP协议

本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
THE END
分享
二维码

)">
< <上一篇

)">
下一篇>>