2024年5月29日发(作者:阴鸿朗)
核心交换机详细配置
(2011年12月2日)
#
version 5.20, Release 6605
#
sysname CoreSwitch
#
domain default enable system
#
local-user password-display-mode cipher-force
#
management-vlan 10
#
port-security enable
#
mirroring-group 2 local
#
switch-mode standard
#
ip vpn-instance 1
#
acl number 3000
acl number 3002
rule 0 deny ip destination 172.20.98.32 0.0.0.15
rule 5 deny ip destination 172.20.98.48 0.0.0.15
rule 10 deny ip destination 172.20.98.64 0.0.0.31
rule 15 deny ip destination 172.20.98.96 0.0.0.31
rule 20 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.192 0.0.0.15
rule 30 deny ip destination 172.20.98.208 0.0.0.15
rule 35 deny ip destination 172.20.98.224 0.0.0.31
acl number 3003
rule 1 deny ip source 172.20.98.0 0.0.0.31 destination 172.20.98.224 0.0.0.31
rule 5 deny ip destination 172.20.98.32 0.0.0.15
rule 10 deny ip destination 172.20.98.48 0.0.0.15
rule 15 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.208 0.0.0.15
acl number 3004
rule 0 deny ip destination 172.20.98.0 0.0.0.31
rule 5 deny ip destination 172.20.98.32 0.0.0.15
rule 10 deny ip destination 172.20.98.64 0.0.0.31
rule 15 deny ip destination 172.20.98.96 0.0.0.31
rule 20 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.192 0.0.0.15
rule 30 deny ip destination 172.20.98.208 0.0.0.15
rule 35 deny ip destination 172.20.98.224 0.0.0.31
acl number 3005
rule 0 deny ip destination 172.20.98.32 0.0.0.15
rule 5 deny ip destination 172.20.98.32 0.0.0.31
rule 10 deny ip destination 172.20.98.64 0.0.0.31
rule 15 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.208 0.0.0.15
rule 30 deny ip destination 172.20.98.224 0.0.0.31
acl number 3006 name manage_user_acl
rule 0 permit ip source 172.20.98.254 0
rule 5 deny ip
acl number 3011 name acl-vlan-13
rule 0 permit ip source 172.20.98.0 0.0.0.7 destination 172.20.98.98 0
rule 5 permit ip source 172.20.98.0 0.0.0.7 destination 172.20.98.99 0
rule 10 deny ip
acl number 3100
rule 0 deny ip
acl number 3102
rule 0 permit ip destination 172.20.99.0 0.0.0.255
acl number 3110
rule 0 permit ip destination 172.20.98.0 0.0.0.255
rule 5 permit ip source 172.20.98.248 0.0.0.7
rule 10 permit ip source 172.20.98.254 0 destination 172.20.98.225 0
acl number 3111
rule 0 permit ip source 211.166.54.10 0
acl number 3113
rule 0 permit ip destination 172.20.98.98 0
rule 5 permit ip destination 172.20.98.99 0
rule 10 permit ip destination 172.20.98.0 0.0.0.15
#
vlan 1
#
vlan 2
2024年5月29日发(作者:阴鸿朗)
核心交换机详细配置
(2011年12月2日)
#
version 5.20, Release 6605
#
sysname CoreSwitch
#
domain default enable system
#
local-user password-display-mode cipher-force
#
management-vlan 10
#
port-security enable
#
mirroring-group 2 local
#
switch-mode standard
#
ip vpn-instance 1
#
acl number 3000
acl number 3002
rule 0 deny ip destination 172.20.98.32 0.0.0.15
rule 5 deny ip destination 172.20.98.48 0.0.0.15
rule 10 deny ip destination 172.20.98.64 0.0.0.31
rule 15 deny ip destination 172.20.98.96 0.0.0.31
rule 20 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.192 0.0.0.15
rule 30 deny ip destination 172.20.98.208 0.0.0.15
rule 35 deny ip destination 172.20.98.224 0.0.0.31
acl number 3003
rule 1 deny ip source 172.20.98.0 0.0.0.31 destination 172.20.98.224 0.0.0.31
rule 5 deny ip destination 172.20.98.32 0.0.0.15
rule 10 deny ip destination 172.20.98.48 0.0.0.15
rule 15 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.208 0.0.0.15
acl number 3004
rule 0 deny ip destination 172.20.98.0 0.0.0.31
rule 5 deny ip destination 172.20.98.32 0.0.0.15
rule 10 deny ip destination 172.20.98.64 0.0.0.31
rule 15 deny ip destination 172.20.98.96 0.0.0.31
rule 20 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.192 0.0.0.15
rule 30 deny ip destination 172.20.98.208 0.0.0.15
rule 35 deny ip destination 172.20.98.224 0.0.0.31
acl number 3005
rule 0 deny ip destination 172.20.98.32 0.0.0.15
rule 5 deny ip destination 172.20.98.32 0.0.0.31
rule 10 deny ip destination 172.20.98.64 0.0.0.31
rule 15 deny ip destination 172.20.98.160 0.0.0.31
rule 25 deny ip destination 172.20.98.208 0.0.0.15
rule 30 deny ip destination 172.20.98.224 0.0.0.31
acl number 3006 name manage_user_acl
rule 0 permit ip source 172.20.98.254 0
rule 5 deny ip
acl number 3011 name acl-vlan-13
rule 0 permit ip source 172.20.98.0 0.0.0.7 destination 172.20.98.98 0
rule 5 permit ip source 172.20.98.0 0.0.0.7 destination 172.20.98.99 0
rule 10 deny ip
acl number 3100
rule 0 deny ip
acl number 3102
rule 0 permit ip destination 172.20.99.0 0.0.0.255
acl number 3110
rule 0 permit ip destination 172.20.98.0 0.0.0.255
rule 5 permit ip source 172.20.98.248 0.0.0.7
rule 10 permit ip source 172.20.98.254 0 destination 172.20.98.225 0
acl number 3111
rule 0 permit ip source 211.166.54.10 0
acl number 3113
rule 0 permit ip destination 172.20.98.98 0
rule 5 permit ip destination 172.20.98.99 0
rule 10 permit ip destination 172.20.98.0 0.0.0.15
#
vlan 1
#
vlan 2