静态链路聚合
[h3c]interface bridge-aggregation interface-number
[H3C-GigabitEthernet1/0/1] port link-aggregation group number
启动生成树协议
[H3C] stp global enable
[H3C] stp priority bridge-priority
[H3C-GigabitEthernet1/0/1] stp port priority port-priority【缺省32768】
[H3C-GigabitEthernet1/0/1] stp cost cost 【缺省128】
[H3C] stp timer forward-delay centiseconds【缺省1500】
创建vlan
[Quidway] vlan vlan_id [Quidway-vlan2] port port_num [ to port_num ]
[Quidway-Ethernet0/2] port access vlan vlan-id
设置链路类型
[Quidway-Ethernet0/1] port link-type { access | trunk | hybrid }
设置允许通过trunk的vlan
[Quidway-Ethernet0/1] port trunk permit vlan { vlan_id_list | all }
添加静态路由
[Quidway] ip route-static ip-address {mask | mask-length} {interface-type interface-number | gateway-address }
启动telnet服务
[h3c] telnet server enable
[H3C]local-user h3c
[H3C-local-user-manage-h3c]password simple h3c
[H3C-local-user-manage-h3c]service-type telnet
[H3C-local-user-manage-h3c]authorization-attribute user-role lvl(有没有这个我不记得了) 0
启动rip
[Quidway-] [undo] rip
[Quidway-rip-1] [undo] network network-address
[Quidway-Serial0] rip version 1
路由引入
[Quidway-rip-1] [undo] import-route protocol protocol: Direct, Static, OSPF, BGP, IS-IS ps. OSPF一样 配置pap(pap和chap配置完后记得重启端口)
验证方:
[Quidway-Serial0] ppp authentication-mode pap [Quidway] local-user user class network [Quidway-luser] service-type ppp
[Quidway-luser] password simple password 被验证方:
[Quidway-Serial0] ppp pap local-user username password simple password 配置chap
验证方:
[RA-Serial0] ppp authentication-mode chap
[RA-Serial0] ppp chap user user -a /在被认证方上为认证方配置的用户名必须跟此处配置的一致 [Quidway] local-user user-b class network
[Quidway-luser] service-type ppp
[Quidway-luser] password simple password
被验证方:
[RB-Serial0] ppp chap user user -b /在认证方上为被认证方配置的用户名必须跟此处配置的一致
[Quidway] local-user user –a class network
[Quidway-luser] service-type ppp
[Quidway-luser] password simple password 配置、应用防火墙
[Quidway] acl { basic | advanced } acl-number [ match-order { config | auto } ]
[Quidway-acl-adv-3000] rule { permit | deny } source {sour-addr sour-wildcard | any} [{destination dest-addr dest-mask | any }](反掩码)
[Router-Serial0]packet-filter 3002 inbound
NAT配置并与acl关联
[Quidway] nat address-group group-number
[Router-nat-address-group-1] address 202.38.1.2 202.38.1.3
[Quidway-Serial0] nat outbound 2000 [address-group 1]
建立内部服务器映射
[Quidway-Serial0] nat server protocol tcp global 202.30.103.22 8080 inside
192.168.1.4 http
启动OSPF协议
[Quidway [undo] ospf [Quidway-ospf-1] [undo] area area-id [Quidway-ospf-area0] [undo] network ip-addr mask(反掩码) 在路由器端口下使用子端口划分vlan路径
[H3C]interface GigabitEthernet0/1.2
[H3C-g0/1.2]vlan-type dotlq vid 2
[H3C-g0/1.2]ip address 202/0/3.1 24
注意:一根线连着的两个端口ip地址一定要在一个网段下……
因篇幅问题不能全部显示,请点此查看更多更全内容