夜月琉璃Lv46
<华为>某公司网络配置分享
拓扑结构如下图:
相关配置:
核心路由器
vlan batch 100 200 300 400 #设置Http管理允许所有端口访问 http secure-server server-source -i all #创建Vlan vlan 100 description BanGong vlan 200 description Manager vlan 300 description JianKong vlan 400 description Guest_Wifi #创建Vlan接口地址 interface Vlanif1 ip address 192.168.0.1 255.255.255.0 dhcp select interface dhcp server dns-list 192.168.0.1 # interface Vlanif100 ip address 10.2.42.1 255.255.255.0 dhcp select interface dhcp server excluded-ip-address 10.2.42.16 dhcp server dns-list 114.114.114.114 202.103.224.68 # interface Vlanif200 ip address 192.168.10.1 255.255.255.0 dhcp select interface dhcp server excluded-ip-address 192.168.10.2 192.168.10.7 # interface Vlanif300 ip address 192.168.20.1 255.255.255.0 # interface Vlanif400 ip address 192.168.100.1 255.255.255.0 dhcp select interface dhcp server dns-list 114.114.114.114 202.103.224.68 #设置接口信息 interface GigabitEthernet0/0/1 description To:AC_KongZhiQi port link-type trunk port trunk allow-pass vlan 100 200 300 400 interface GigabitEthernet0/0/2 description To:JianKong port link-type access port default vlan 300 interface GigabitEthernet0/0/4 port link-type access port default vlan 100 interface GigabitEthernet0/0/6 port link-type access port default vlan 100 interface GigabitEthernet0/0/8 description To:JieRuJiaoHuanJi port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 200 300 400 interface GigabitEthernet0/0/9 description Zhuanxian ip address 10.2.0.165 255.255.255.0 interface GigabitEthernet0/0/10 description Internet nat outbound 2999 ip address dhcp-alloc #设置对应的出口路由 ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet0/0/10 192.168.1.1 description Internet ip route-static 10.0.0.0 255.0.0.0 GigabitEthernet0/0/9 10.2.0.166 description ZhuanXian
接入交换机
vlan batch 100 200 300 400 #设置Http管理允许所有端口访问 http secure-server server-source -i all #创建管理Vlan,并设置地址 interface Vlanif200 ip address 192.168.10.2 255.255.255.0 #设置端口 interface GigabitEthernet0/0/1 port link-type access port default vlan 100 #设置上联端口为Trunk interface GigabitEthernet0/0/47 port link-type trunk port trunk allow-pass vlan 100 200 300 400 #回程路由 ip route-static 0.0.0.0 0.0.0.0 192.168.10.1
AP交换机
vlan batch 100 200 300 400 #设置Http管理允许所有端口访问 http secure-server server-source -i all #设置管理Vlan及地址 interface Vlanif200 ip address 192.168.10.7 255.255.255.0 #设置端口为trunk,放行多个Vlan,同时设置默认Vlan interface GigabitEthernet0/0/1 port link-type trunk port trunk pvid vlan 200 undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 100 200 400 #设置上联端口为Trunk interface GigabitEthernet0/0/9 port link-type trunk port trunk allow-pass vlan 100 200 400 #回程路由 ip route-static 0.0.0.0 0.0.0.0 192.168.10.1
AC控制器
vlan batch 100 200 300 400 #设置Http管理允许所有端口访问 http secure-server server-source -i all #设置管理Vlan及地址 interface Vlanif200 ip address 192.168.10.6 255.255.255.0 #上联口设置Trunk interface GigabitEthernet0/0/9 port link-type trunk port trunk allow-pass vlan 100 200 300 400 interface XGigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 100 200 300 400 #设置ap的通讯Vlan及密码 capwap source interface vlanif200 capwap dtls psk xxxxx capwap dtls inter-controller psk xxxxxx capwap dtls no-auth enable
本文章最后由 admin 于 2022-10-30 19:36 编辑
3 已被阅读了1932次 楼主 2022-10-30 19:16:49