江苏龙网

  1. 主页 > 生活百科 > >

一文教你明明白白完整配置大型企业网络( 二 )

企业网络


rule name permit_local_trust_ospf
source-zone local
destination-zone trust
action permit
quit
#
【一文教你明明白白完整配置大型企业网络】security-policy
rule name permit_trust_untrust_all
source-zone trust
destination-zone untrust
action permit
quit
#
ip route-static 0.0.0.0 0.0.0.0 202.1.10.254
#
ospf 1
default-route-advertise
#
nat-policy
rule name EASYIP
source-zone trust
destination-zone untrust
action source-nat easy-ip
quit
ISP配置:
sysname ISP
#
interface GigabitEthernet0/0/1
ip address 202.1.10.254 255.255.255.0
#
interface LoopBack0
ip address 114.114.114.114 255.255.255.255
AC配置:
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan all
#
vlan 101
interface vlan101
ip addre 192.168.101.254 24
dhcp select interface
quit
#
wlan
ap-group name ap-group1
quit
regulatory-domain-profile name default
country-code CN
quit
ap-group name ap-group1
regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and antenna gain c
onfigurations of the radio and reset the AP. Continue?[Y/N]:y
quit
quit
#
capwap source interface vlan101
#
ap-id 0
ap-name SZ1
ap-group ap-group1
Warning: This operation may cause AP reset. If the country code changes, it will
clear channel, power and antenna gain configurations of the radio, Whether to c
ontinue? [Y/N]:y
Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6605-wlan-ap-0]ap-id 1
ap-name SZ2
ap-group ap-group1
ap-id 2
ap-name SZ3
ap-group ap-group1
ap-id 3
ap-name SZ4
ap-group ap-group1
quit
ap auth-mode mac-auth
#
wlan
security-profile name wlan-net
security wpa-wpa2 psk pass-phrase a1234567 aes
quit
#
[AC6605-wlan-view]ssid-profile name wlan-net
[AC6605-wlan-ssid-prof-wlan-net]ssid hcie2022
Info: This operation may take a few seconds, please wait.done.
[AC6605-wlan-ssid-prof-wlan-net]quit
[AC6605-wlan-view]vap-profile name wlan-net
[AC6605-wlan-vap-prof-wlan-net]forward-mode direct-forward
[AC6605-wlan-vap-prof-wlan-net]service-vlan vlan-pool hcie2022
Error: The VLAN pool does not exist. Please create it first.
[AC6605]wlan
[AC6605-wlan-view]vap-profile name wlan-net
[AC6605-wlan-vap-prof-wlan-net]service-vlan vlan-pool hcie2022
Info: This operation may take a few seconds, please wait.done.
[AC6605-wlan-vap-prof-wlan-net]security-profile wlan-net
Info: This operation may take a few seconds, please wait.done.
[AC6605-wlan-vap-prof-wlan-net]ssid-profile wlan-net
[AC6605]wlan
[AC6605-wlan-view]ap-group name ap-group1
[AC6605-wlan-ap-group-ap-group1]vap-profile wlan-net wlan 1 radio 0
Info: This operation may take a few seconds, please wait...done.
[AC6605-wlan-ap-group-ap-group1]vap-profile wlan-net wlan 1 radio 1
Info: This operation may take a few seconds, please wait...done.
[AC6605-wlan-ap-group-ap-group1]quit
[AC6605-wlan-view]quit
[AC6605]dis vap ssid hcie2022
Info: This operation may take a few seconds, please wait.
WID : WLAN ID
-----------------------------------------------------------------------------
AP ID AP name RfID WID BSSID Status Auth type STA SSID
-----------------------------------------------------------------------------
0 SZ1 0 1 00E0-FC43-22F0 ON WPA/WPA2-PSK 0 hcie2022
0 SZ1 1 1 00E0-FC43-2300 ON WPA/WPA2-PSK 0 hcie2022
1 SZ2 0 1 00E0-FC86-80D0 ON WPA/WPA2-PSK 0 hcie2022
1 SZ2 1 1 00E0-FC86-80E0 ON WPA/WPA2-PSK 0 hcie2022
2 SZ3 0 1 00E0-FC04-6A40 ON WPA/WPA2-PSK 0 hcie2022
2 SZ3 1 1 00E0-FC04-6A50 ON WPA/WPA2-PSK 0 hcie2022
3 SZ4 0 1 00E0-FC0E-0BC0 ON WPA/WPA2-PSK 0 hcie2022
3 SZ4 1 1 00E0-FC0E-0BD0 ON WPA/WPA2-PSK 0 hcie2022
-----------------------------------------------------------------------------
Total: 8
SW1配置:
#
vlan batch 10 20 30 40
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface eth-Trunk 12
mode lacp-static
trunkport gig 0/0/19 to 0/0/20
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
stp region-configuration
region-name hcie
revision-level 1
instance 1 vlan 10 30
instance 2 vlan 20 40


推荐阅读


上一篇:AI绘画日赚千元?百度、谷歌已入局,流水线画师要被抢单了

下一篇:Htmx意外走红,我们从React“退回去”后:代码行数减少 67%,JS 依赖项从 255 下降到 9