ensp练习

最新推荐文章于 2024-07-04 22:10:49 发布

dahuzi232

最新推荐文章于 2024-07-04 22:10:49 发布

阅读量111

点赞数

文章标签：网络

本文链接：https://blog.csdn.net/dahuzi232/article/details/133204637

版权

在这里插入图片描述

sys
sys SW 6
un in en
vlan batch 10 100
int e0/0/3
p l a
p d v 10
q
port-group g e0/0/1 to e0/0/2
p l t
p t a v a
q
interface e0/0/4
port link-type trunk
port trunk pvid vlan 100
port trunk allow-pass vlan 2 to 4094
q
q
sa

sys
sys SW 7
un in en
vlan 20
int e0/0/3
p l a
p d v 10
q
port-group g e0/0/1 to e0/0/2
p l t
p t a v a
q
q
sa

sys
sys SW 8
un in en
vlan 30
int e0/0/3
p l a
p d v 10
q
port-group g e0/0/1 to e0/0/2
p l t
p t a v a
q
q
sa

汇聚层
3-4

sys
un in en
sys sw3
vlan batch 10 20 30 100
int Eth-Trunk 1
trunkport g0/0/23
trunkport g0/0/24
port link-type trunk
p t a v a
q
port-group g g0/0/2 to g0/0/7
p l t
p t a v a
q
q
sa

sys
un in en
sys sw4
vlan batch 10 20 30 100
int Eth-Trunk 1
trunkport g0/0/23
trunkport g0/0/24
port link-type trunk
p t a v a
q
port-group g g0/0/2 to g0/0/7
p l t
p t a v a
q
q
sa

核心层
sys
un in en
sys sw1
vlan batch 10 20 30 100 520
int Eth-Trunk 1
trunkport g0/0/23
trunkport g0/0/24
port link-type trunk
p t a v a
q
port-group g g0/0/2 to g0/0/3
p l t
p t a v a
q
stp in 1 r pr
stp in 2 r s
int vlan 10
ip address 192.168.1.100 24
vrrp vrid 10 virtual-ip 192.168.1.254
vrrp vrid 10 priority 120
int vlan 20
ip address 192.168.2.200 24
vrrp vrid 20 virtual-ip 192.168.2.254
int vlan 30
ip address 192.168.3.200 24
vrrp vrid 30 virtual-ip 192.168.3.254
q
ip pool vlan10
gateway-list 192.168.1.254
network 192.168.1.0 mask 255.255.255.0
ip pool vlan20
gateway-list 192.168.2.254
network 192.168.2.0 mask 255.255.255.0
ip pool vlan30
gateway-list 192.168.3.254
network 192.168.3.0 mask 255.255.255.0
dhcp enable
int vlan 10
dhcp select global
int vlan 20
dhcp select global
int vlan 30
dhcp select global
q
int vlan 520
ip add 192.168.11.1 24
int g0/0/1
p l a
p d v 520
ospf
area 0.0.0.0
network 192.168.11.0 0.0.0.255
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
network 192.168.3.0 0.0.0.255
q

sys
un in en
sys sw2
vlan batch 10 20 30 100 521
int Eth-Trunk 1
trunkport g0/0/23
trunkport g0/0/24
port link-type trunk
p t a v a
q
port-group g g0/0/2 to g0/0/3
p l t
p t a v a
q
stp in 2 r pr
stp in 1 r s
int vlan 10
ip address 192.168.1.100 24
vrrp vrid 10 virtual-ip 192.168.10.254
int vlan 20
ip address 192.168.2.200 24
vrrp vrid 20 virtual-ip 192.168.2.254
vrrp vrid 20 priority 120
int vlan 30
ip address 192.168.3.200 24
vrrp vrid 30 virtual-ip 192.168.3.254
vrrp vrid 30 priority 120
q
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 2 to 4094
int vlan 521
ip add 192.168.12.1 24
int g0/0/1
p l a
p d v 521
ospf
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
network 192.168.3.0 0.0.0.255
network 192.168.12.0 0.0.0.255

无线：
控制器查看ap mac地址

AC
sys
sys AC
vlan batch 100
interface Vlanif100
ip address 192.168.100.1 255.255.255.0
q
capwap source interface Vlanif 100
dhcp enable
int vlan 100
dhcp select interface
q
wlan
ssid-profile name vlan10
ssid vlan–vlan10
q
security-profile name 1
security wpa-wpa2 psk pass-phrase a1234567 aes
q
vap-profile name vlan10
ssid-profile vlan10
security-profile 1
q
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
q
wlan
ap-id 1 ap-mac 00e0-fc20-0600
ap-name vlan10
vap-pro vlan10 wlan 1 radio all
q
防火墙

FW
sys
sys fw
un in en
int g0/0/4
ip add 192.168.4.254 24
interface GigabitEthernet0/0/0
ip address 192.168.11.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.12.2 255.255.255.0
q
firewall zone trust
add interface g0/0/1
add interface GigabitEthernet0/0/2
q
firewall zone dmz
add int g0/0/4
firewall zone untrust
add int g0/0/3
q
int g0/0/3
ip add 192.168.13.1 24

ospf
ar 0
net 192.168.4.0 0.0.0.255
net 192.168.11.0 0.0.0.255
net 192.168.13.0 0.0.0.255
net 192.168.12.0 0.0.0.255

q
policy interzone trust dmz outbound
policy 1
action permit
q
q
policy interzone trust untrust outbound
policy 1
action permit
q
q
policy interzone dmz untrust inbound
policy 1
action permit

R1
sys
sys R1
int g0/0/1
ip add 192.168.189.2 24
int g0/0/0
ip add 192.168.13.2 24
ospf
ar 0
net 192.168.13.0 0.0.0.255
q
ip route-static 0.0.0.0 0 10.10.12.2
ospf
default-route-advertise
q
acl 2000
rule permit
q
int g0/0/0
nat outbound 2000
int g0/0/0
nat server global 10.10.12.100 inside 192.168.4.1
nat server global 10.10.12.100 inside 192.168.4.2
nat server global 10.10.12.100 inside 192.168.4.3
nat server global 10.10.12.100 inside 192.168.4.4