2024年3月3日发(作者:柏亦云)
[V200R001C01SPC500]
#
board add 0/3 2SA
board add 0/4 2SA
board add 0/5 8FE1GE
#
snmp-agent local-engineid 800007DB0300464BAB5FD4
snmp-agent
#
voice
#
drop illegal-mac alarm
#
acl number 2000 基本 acl 2000
rule 5 permit 规则 5 允许 所有
#
acl number 3000 高级acl 3000
rule 5 permit ip source 172.21.34.2 0 规则 5 允许 源 ip 172.21.34.2 0代表0.0.0.0 精确匹配
rule 10 permit ip source 172.21.34.221 0规则 10 允许 源 ip 172.21.34.221 0代表0.0.0.0
精确匹配
#
traffic classifier test operator or
if-match acl 3000
#
traffic behavior test
statistic enable
traffic behavior tet
#
traffic policy test
classifier test behavior test
#
aaa 三A认证
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin 本地用户 账号admin 密码 明文 admin
local-user admin service-type http 本地用户admin 服务类型 http 也就是 WEB
#
interface Ethernet5/0/0
#
interface Ethernet5/0/1
#
interface Ethernet5/0/2
#
interface Ethernet5/0/3
#
interface Ethernet5/0/4
#
interface Ethernet5/0/5
#
interface Ethernet5/0/6
#
interface Ethernet5/0/7
#
interface Serial3/0/0
link-protocol fr 封装 帧中继 协议
fr lmi type q933a帧中继 lmi 类型 q933a
fr dlci 700 帧中继dlci 号 700
description link-Beijing 描述 链接 北京
ip address 172.31.1.6 255.255.255.252 ip地址 172.31.1.6 子网掩码255.255.255.252
#
interface Serial3/0/1 串口
link-protocol ppp 封装ppp 点对点协议
#
interface Serial4/0/0
link-protocol ppp封装ppp 点对点协议
#
interface Serial4/0/1
link-protocol ppp封装ppp 点对点协议
#
interface GigabitEthernet0/0/0
traffic-policy test inbound
#
interface GigabitEthernet0/0/0.2
description server_vlan 2 描述服务器 vlan 2
control-vid 2 dot1q-termination
dot1q termination vid 2这个应该是子接口封装的802.1q协议对应vlan 2
ip address 172.21.34.254 255.255.255.0
arp broadcast enable 使能ARP广播
#
interface GigabitEthernet0/0/0.4
description fanghuoqiang_vlan4
control-vid 4 dot1q-termination
dot1q termination vid 4这个应该是子接口封装的802.1q协议对应vlan 4
ip address 172.21.36.254 255.255.255.0
arp broadcast enable使能ARP广播
#
interface GigabitEthernet0/0/0.10
description guanli_vlan 10 描述 管理 vlan 10
control-vid 10 dot1q-termination
dot1q termination vid 10 这个应该是子接口封装的802.1q协议对应vlan 10
ip address 172.21.42.254 255.255.255.0
arp broadcast enable使能ARP广播
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet5/0/0
#
interface Cellular0/0/0
link-protocol ppp 封装ppp协议
#
interface Cellular0/0/1
link-protocol ppp封装ppp协议
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 172.31.1.5 静态默认路由这是一条
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return
2024年3月3日发(作者:柏亦云)
[V200R001C01SPC500]
#
board add 0/3 2SA
board add 0/4 2SA
board add 0/5 8FE1GE
#
snmp-agent local-engineid 800007DB0300464BAB5FD4
snmp-agent
#
voice
#
drop illegal-mac alarm
#
acl number 2000 基本 acl 2000
rule 5 permit 规则 5 允许 所有
#
acl number 3000 高级acl 3000
rule 5 permit ip source 172.21.34.2 0 规则 5 允许 源 ip 172.21.34.2 0代表0.0.0.0 精确匹配
rule 10 permit ip source 172.21.34.221 0规则 10 允许 源 ip 172.21.34.221 0代表0.0.0.0
精确匹配
#
traffic classifier test operator or
if-match acl 3000
#
traffic behavior test
statistic enable
traffic behavior tet
#
traffic policy test
classifier test behavior test
#
aaa 三A认证
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin 本地用户 账号admin 密码 明文 admin
local-user admin service-type http 本地用户admin 服务类型 http 也就是 WEB
#
interface Ethernet5/0/0
#
interface Ethernet5/0/1
#
interface Ethernet5/0/2
#
interface Ethernet5/0/3
#
interface Ethernet5/0/4
#
interface Ethernet5/0/5
#
interface Ethernet5/0/6
#
interface Ethernet5/0/7
#
interface Serial3/0/0
link-protocol fr 封装 帧中继 协议
fr lmi type q933a帧中继 lmi 类型 q933a
fr dlci 700 帧中继dlci 号 700
description link-Beijing 描述 链接 北京
ip address 172.31.1.6 255.255.255.252 ip地址 172.31.1.6 子网掩码255.255.255.252
#
interface Serial3/0/1 串口
link-protocol ppp 封装ppp 点对点协议
#
interface Serial4/0/0
link-protocol ppp封装ppp 点对点协议
#
interface Serial4/0/1
link-protocol ppp封装ppp 点对点协议
#
interface GigabitEthernet0/0/0
traffic-policy test inbound
#
interface GigabitEthernet0/0/0.2
description server_vlan 2 描述服务器 vlan 2
control-vid 2 dot1q-termination
dot1q termination vid 2这个应该是子接口封装的802.1q协议对应vlan 2
ip address 172.21.34.254 255.255.255.0
arp broadcast enable 使能ARP广播
#
interface GigabitEthernet0/0/0.4
description fanghuoqiang_vlan4
control-vid 4 dot1q-termination
dot1q termination vid 4这个应该是子接口封装的802.1q协议对应vlan 4
ip address 172.21.36.254 255.255.255.0
arp broadcast enable使能ARP广播
#
interface GigabitEthernet0/0/0.10
description guanli_vlan 10 描述 管理 vlan 10
control-vid 10 dot1q-termination
dot1q termination vid 10 这个应该是子接口封装的802.1q协议对应vlan 10
ip address 172.21.42.254 255.255.255.0
arp broadcast enable使能ARP广播
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet5/0/0
#
interface Cellular0/0/0
link-protocol ppp 封装ppp协议
#
interface Cellular0/0/1
link-protocol ppp封装ppp协议
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 172.31.1.5 静态默认路由这是一条
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return