sys
inter g 0/0/0
ip add 60.6.202.7 24
quit
vlan 10
vlan 20
vlan 30
quit
inter vlan 10
ip add 192.168.1.1 24
inter vlan 20
ip add 192.168.2.1 24
inter vlan 30
ip add 192.168.3.1 24
quit
inter e 0/0/0
port link-type access
port default vlan 30
quit
inter e 0/0/1
port link-type access
port default vlan 30
quit
inter e 0/0/2
port link-type access
port default vlan 30
quit
inter e 0/0/3
port link-type access
port default vlan 30
quit
inter e 0/0/4
port link-type access
port default vlan 30
quit
inter e 0/0/5
port link-type access
port default vlan 30
quit
inter e 0/0/6
port link-type access
port default vlan 30
quit
inter e 0/0/7
port link-type access
port default vlan 20
quit
ip route-static 0.0.0.0 0.0.0.0 60.6.202.1
acl number 2000
rule 5 permit source 192.168.0.0 0.0.255.255
inter g 0/0/0
nat outbound 2000
nat static global current-interface inside 192.168.3.254
quit
dhcp enable
ip pool vlan30
network 192.168.3.0 mask 255.255.255.0
gateway-list 192.168.3.1
dns-list 202.99.160.68 202.99.166.4
excluded-ip-address 192.168.3.2 192.168.3.9
excluded-ip-address 192.168.3.250 192.168.3.254
lease day 90
quit
inter vlan 30
dhcp select global
quit
重新生成RSA密钥对
rsa local-key-pair create
y
1024
#配置VTY上允许SSH协议
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
开启SSH服务并创建账号
aaa
local-user admin password cipher Admin@huawei
local-user admin privilege level 15
local-user admin service-type http
local-user admin service-type ssh
quit
stelnet server enable
开启HTTP服务
http secure-server enable
http server enable
本文出自 “往事如烟” 博客,请务必保留此出处http://aluna.blog.51cto.com/464007/1719826
原文地址:http://aluna.blog.51cto.com/464007/1719826
