Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1337969
  • 博文数量: 464
  • 博客积分: 9399
  • 博客等级: 中将
  • 技术积分: 6364
  • 用 户 组: 普通用户
  • 注册时间: 2011-02-19 09:15
文章分类

全部博文(464)

文章存档

2014年(12)

2013年(123)

2012年(173)

2011年(156)

我的朋友

分类: 系统运维

2011-08-30 16:06:50

 version 12.4

service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RZTELE
!
enable secret 5 $1$WlqT$GgLfJfxBeZ.XgGuZfcajP.
!
no aaa new-model
!
!
dot11 vlan-name v-huiyishi vlan 271
dot11 vlan-name v-test vlan 270
dot11 vlan-name v-wangluobu vlan 263
dot11 vlan-name v-wangyunbu vlan 15
dot11 vlan-name vlan-1 vlan 1            \\给vlan命名
!
dot11 ssid ChinaNet    \\定义ssid
   vlan 1
   authentication open
   guest-mode
   mbssid guest-mode    \\以上不需要的
  
!
dot11 ssid HuiYiShi
   vlan 271
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 0 1234567890     \\以上是wpa认证的配置
!
dot11 ssid WangLuobu
   vlan 263
   authentication open
   mbssid guest-mode
!
dot11 ssid WangYunBu
   vlan 15
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 0 wangyunbu.pass
!
!
!
username Cisco privilege 15 password 0 123456
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
encryption vlan 15 mode ciphers tkip
!
encryption vlan 270 mode ciphers tkip
!
encryption vlan 271 mode ciphers tkip   认证的加密配置
!
ssid ChinaNet
!
ssid HuiYiShi
!
ssid WangLuobu
!

ssid WangYunBu    \\将ssid应用到端口上
!
mbssid    \\启用多ssid功能


station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
!
interface Dot11Radio0.15
encapsulation dot1Q 15 native \\配置管理vlan要加上native
ip address 172.20.63.30 255.255.255.0
no ip route-cache
bridge-group 1    \\选择组别(范围是1-255),要和下面的interface FastEthernet0.15一致
bridge-group 1 port-protected
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.263
encapsulation dot1Q 263
ip address 172.20.62.109 255.255.255.240
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 port-protected
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
!
interface Dot11Radio0.270
encapsulation dot1Q 270
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 port-protected
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
!
interface Dot11Radio0.271
encapsulation dot1Q 271
no ip route-cache
bridge-group 253
bridge-group 253 subscriber-loop-control
bridge-group 253 port-protected
bridge-group 253 block-unknown-source
no bridge-group 253 source-learning
no bridge-group 253 unicast-flooding
bridge-group 253 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
speed 100
full-duplex
!
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
!
interface FastEthernet0.15
encapsulation dot1Q 15 native
ip address dhcp
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.263
encapsulation dot1Q 263
ip address 172.20.62.110 255.255.255.240
no ip route-cache
bridge-group 255
no bridge-group 255 source-learning
bridge-group 255 spanning-disabled
!
interface FastEthernet0.270
encapsulation dot1Q 270
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
!
interface FastEthernet0.271
encapsulation dot1Q 271
ip address dhcp
no ip route-cache
bridge-group 253
no bridge-group 253 source-learning
bridge-group 253 spanning-disabled
!
interface BVI1
ip address 172.20.63.8 255.255.255.0 \\配置管理vlan的ip地址
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path
no cdp run
bridge 1 route ip
!
!
!
line con 0
password Cisco
line vty 0 4
password Cisco
login
!
end



CCIE Security 2009 IOS防火墙合集

阅读(1363) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~