【SwitchA采用全局地址池方式分配地址相关】
1. 创建(进入)VLAN10
[SwitchA] 10
2. 将E0/1加入到VLAN10
[SwitchA-vlan10]port Ethernet 0/1 to Ethernet 0/12
3. 创建(进入)VLAN接口10
[SwitchA]interface Vlan-interface 10
4. 为VLAN接口10配置IP地址
[SwitchA-Vlan-interface10] address 10.1.1.1 255.255.255.0
基于vlan的dhcp server(H3C3600-EI才支持该服务)配置:
5. 创建全局地址池,并命名为”vlan10”
[SwitchA]dhcp server ip-pool vlan10
6. 配置vlan10地址池给用户分配的地址范围以及用户的网关,dns地址
[SwitchA-dhcp-vlan10]network 10.1.1.0 mask 255.255.255.0
[SwitchA-dhcp-vlan10]gateway-list 10.1.1.1
[SwitchA-dhcp-vlan10]dns-list 202.96.209.5 202.96.209.133
7. 禁止分配给用户的ip
[SwitchA]dhcp server forbidden-ip 10.1.1.1 10.1.1.23
[SwitchA]dhcp server forbidden-ip 10.1.1.200 10.1.1.250
8.配置vlan接口通过dhcp方式获取ip(缺省情况下vlan接口不通过dhcp方式获取ip)
[h3c]int vlan 3
[h3c-vlan-intterface]ip address dhcp-alloc
9.配置trunk:
[switch-interface3]port link-type trunk
[switch-interface3]port trunk permit vlan 2 4 6 to 10
10,路由配置
[h3c]ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
---------------------
telnet配置:
[h3c]user-intface vty 0 3
[h3c-vty0 3]authentication-mode password
[h3c-vty0 3]set authentication password simple 123456
[h3c-vty0 3]user privilege level 3 设置vty可以执行的命令级别
[h3c]management-vlan 2 设置管理vlan
[h3c]local-user zhh
[h3c-zhh]service-tye telnet level 3
[h3c]telnet-server source-interface vlan-interface 2(为telnet服务端指定接口)
[h3c]telnet-server source-ip 192.168.1.1 (为telnet服务端指定ip)
[h3c]telnet source-interface vlan-interface 2 (为telnet客户端指定端口)
[h3c]telent source-ip 192.168.1.1
CCIE Security 2009 IOS防火墙合集
阅读(1012) | 评论(1) | 转发(0) |
