vlan batch 10 to 11 16 20 22 24 30
#
telnet server enable
#
dhcp enable
#
diffserv domain default
#
acl number 3000
description vlan6
rule 10 permit ip source 192.168.0.0 0.0.0.255 destination 192.168.6.0 0.0.0.25
5
rule 11 permit ip source 192.168.0.0 0.0.0.255 destination 192.168.0.0 0.0.0.25
5
rule 20 permit ip source 192.168.1.0 0.0.0.255 destination 192.168.6.0 0.0.0.25
5
rule 21 permit ip source 192.168.1.0 0.0.0.255 destination 192.168.1.0 0.0.0.25
5
rule 30 permit ip source 192.168.16.0 0.0.0.255 destination 192.168.6.0 0.0.0.2
55
rule 31 permit ip source 192.168.16.0 0.0.0.255 destination 192.168.16.0 0.0.0.
255
rule 40 permit ip source 192.168.20.0 0.0.0.255 destination 192.168.6.0 0.0.0.2
55
rule 41 permit ip source 192.168.20.0 0.0.0.255 destination 192.168.20.0 0.0.0.
255
rule 45 permit ip source 192.168.22.0 0.0.0.255 destination 192.168.22.0 0.0.0.
255
rule 46 permit ip source 192.168.22.0 0.0.0.255 destination 192.168.6.0 0.0.0.2
55
rule 50 permit ip source 192.168.22.0 0.0.0.255 destination 192.168.3.0 0.0.0.2
rule 52 permit ip source 192.168.3.0 0.0.0.255 destination 192.168.22.0 0.0.0.2
rule 60 permit ip source 192.168.6.0 0.0.0.255 destination 192.168.22.0 0.0.0.2
acl number 3001
description vlan10
rule 15 permit ip source 192.168.0.0 0.0.0.255
acl number 3002
description vlan11
rule 15 permit ip source 192.168.1.0 0.0.0.255
acl number 3003
description vlan16
rule 15 permit ip source 192.168.16.0 0.0.0.255
acl number 3004
description vlan20
rule 15 permit ip source 192.168.20.0 0.0.0.255
acl number 3005
description vlan22
rule 15 permit ip source 192.168.22.0 0.0.0.255
#
traffic classifier 1 operator and
if-match acl 3000
traffic classifier vlan10 operator and
if-match acl 3001
traffic classifier vlan11 operator and
if-match acl 3002
traffic classifier vlan16 operator and
if-match acl 3003
traffic classifier vlan20 operator and
if-match acl 3004
#
traffic behavior 2
permit
traffic behavior vlan10-1
redirect ip-nexthop 192.168.0.1
traffic behavior vlan11-1
redirect ip-nexthop 192.168.1.1
traffic behavior vlan16-1
redirect ip-nexthop 192.168.16.1
traffic behavior vlan20-1
redirect ip-nexthop 192.168.20.1
#
traffic policy vlan match-order config
classifier 1 behavior 2
classifier vlan10 behavior vlan10-1
classifier vlan11 behavior vlan11-1
classifier vlan16 behavior vlan16-1
classifier vlan20 behavior vlan20-1
#
drop-profile default
#
vlan 10
description laozhanghao
vlan 11
description xiangguangzhanghao
vlan 16
description renshizhanghao
vlan 20
description fuzhuangzhanghao
vlan 22
description baizhe
vlan 24
description beiyong2
vlan 30
description lianjie-usg63
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password irreversible-cipher %#%#EBx-Eyp1n*Hh`:T9J|c.=X<_B<M"g
local-user admin privilege level 15
local-user admin service-type telnet terminal http
#
interface Vlanif1
#
interface Vlanif10
ip address 192.168.0.2 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 192.168.0.1
dhcp server excluded-ip-address 192.168.0.3 192.168.0.99
dhcp server dns-list 114.114.114.114 8.8.8.8
#
interface Vlanif11
ip address 192.168.1.2 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 192.168.1.1
dhcp server excluded-ip-address 192.168.1.3 192.168.1.99
dhcp server dns-list 114.114.114.114 8.8.8.8
#
interface Vlanif16
ip address 192.168.16.2 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 192.168.16.1
dhcp server excluded-ip-address 192.168.16.3 192.168.16.10
dhcp server excluded-ip-address 192.168.16.14 192.168.16.20
dhcp server excluded-ip-address 192.168.16.24 192.168.16.30
dhcp server excluded-ip-address 192.168.16.34 192.168.16.40
dhcp server excluded-ip-address 192.168.16.44 192.168.16.50
dhcp server excluded-ip-address 192.168.16.54 192.168.16.99
dhcp server excluded-ip-address 192.168.16.151 192.168.16.254
dhcp server dns-list 114.114.114.114 8.8.8.8
#
interface Vlanif20
ip address 192.168.20.2 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 192.168.20.1
dhcp server excluded-ip-address 192.168.20.3 192.168.20.99
dhcp server dns-list 114.114.114.114 8.8.8.8
#
interface Vlanif22
ip address 192.168.22.2 255.255.255.0
dhcp select interface
dhcp server excluded-ip-address 192.168.22.1
dhcp server excluded-ip-address 192.168.22.3 192.168.22.99
dhcp server dns-list 120.196.165.24 114.114.114.114
#
interface Vlanif30
ip address 192.168.3.2 255.255.255.252
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 30
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 30
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 30
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 30
#
interface GigabitEthernet0/0/5
port link-type access
port default vlan 10
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/6
port link-type access
port default vlan 10
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/7
port link-type access
port default vlan 10
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/8
port link-type access
port default vlan 10
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/9
port link-type access
port default vlan 11
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/10
port link-type access
port default vlan 11
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/11
port link-type access
port default vlan 11
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/12
port link-type access
port default vlan 11
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/13
port link-type access
port default vlan 16
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/14
port link-type access
port default vlan 16
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/15
port link-type access
port default vlan 16
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/16
port link-type access
port default vlan 16
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/17
port link-type access
port default vlan 20
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/18
port link-type access
port default vlan 20
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/19
port link-type access
port default vlan 20
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/20
port link-type access
port default vlan 20
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/21
port link-type access
port default vlan 22
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/22
port link-type access
port default vlan 22
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/23
port link-type access
port default vlan 22
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 24
traffic-policy vlan inbound
#
interface GigabitEthernet0/0/25
#
interface GigabitEthernet0/0/26
#
interface GigabitEthernet0/0/27
#
interface GigabitEthernet0/0/28
#
interface GigabitEthernet0/0/29
#
interface GigabitEthernet0/0/30
#
interface GigabitEthernet0/0/31
#
interface GigabitEthernet0/0/32
#
interface NULL0
#
ip route-static 192.168.6.0 255.255.255.0 192.168.3.1
#
user-interface con 0
authentication-mode password
set authentication password cipher $1a$_CNE-w8x.M$NhTwN<66#3>@*pX35_S8sEj(;pq*U
user-interface vty 0 4
authentication-mode aaa
protocol inbound all
user-interface vty 16 20
#
return
<S5720>