更換路由器注意事項 一般思科接入設備設置配置命令……
更換路由器注意事項
1. 路由器不保存配置問題
2. 路由器重啟才能打開瀏覽器網頁,不然只能上QQ
3. 配置一份防火牆的路由模式配置命令清單
4. 整體優化一下網路配置,包括上網行為管理配置
5. 向專業人士請教學習網路管理,網路配置方面的經驗。
6. 其它可能想到的遇見的網路問題
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5
conf t
no ssh 0.0.0.0 0.0.0.0 outside
no ssh timeout 5
***************************
User Access Verification
Username: 8
Password: ******
Type help or ? for a list of available commands.
ciscoasa> en
Password: ******
ciscoasa# show run
: Saved
:
ASA Version 8.0(4)
!
hostname ciscoasa
enable password GYXZIPGXIpqkhvbr encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 22.19.73.18 255.255.255.248
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 192.178.10.1 255.255.255.252
!
interface GigabitEthernet0/2
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/3
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
management-only
!
ftp mode passive
access-list out extended permit icmp any any
access-list out extended permit tcp any host 221.1.73.19 eq 9080
access-list out extended permit tcp any host 221.1.73.19 eq 9999
access-list out extended permit tcp any host 221.1.73.18 eq telnet
access-list out extended permit tcp any host 221.1.73.19 eq 9082
access-list out extended permit tcp any host 221.1.73.20 eq 9080
access-list NAT extended permit ip any any
pager lines 24
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 access-list NAT
static (inside,outside) tcp 22.19.73.20 9080 192.168.0.77 www netmask 255.255.255.255
access-group out in interface outside
route outside 0.0.0.0 0.0.0.0 22.19.73.17 1
route inside 10.10.2.0 255.255.255.0 192.178.10.2 2
route inside 192.168.0.0 255.255.0.0 192.178.10.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
username 8 password KTgDX8iR83mrRqex encrypted
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:14d7b5a5f4e711ffd24c3c632d0dd376
: end
ciscoasa# show ver
Cisco Adaptive Security Appliance Software Version 8.0(4)
Compiled on Thu 07-Aug-08 20:53 by builders
System image file is "disk0:/asa804-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 270 days 13 hours
Hardware: ASA5540, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is 0023.33bb.9486, irq 9
1: Ext: GigabitEthernet0/1 : address is 0023.33bb.9487, irq 9
2: Ext: GigabitEthernet0/2 : address is 0023.33bb.9488, irq 9
3: Ext: GigabitEthernet0/3 : address is 0023.33bb.9489, irq 9
4: Ext: Management0/0 : address is 0023.33bb.948a, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 200
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Disabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 5000
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2
This platform has an ASA 5540 VPN Premium license.
Serial Number: JMX1307L05W
Running Activation Key: 0xe019655b 0x0424a2b4 0xd052a9d0 0xac50a048 0xc03e0fa5
Configuration register is 0x2001
Configuration last modified by enable_15 at 01:32:26.817 UTC Tue Jan 17 2017
*************************************
User Access Verification
Username: 8
Password:
HTHL_7206_Router#show run
Building configuration...
Current configuration : 1640 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HTHL_7206_Router
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip subnet-zero
ip source-route
!
!
!
!
ip cef
!
!
multilink bundle-name authenticated
call rsvp-sync
!
!
!
interface GigabitEthernet0/1
no ip address
media-type rj45
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/2
description *CNC1*
ip address 192.178.10.2 255.255.255.252
media-type rj45
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/3
ip address 10.10.20.1 255.255.255.0
media-type rj45
speed auto
duplex auto
negotiation auto
!
ip nat translation timeout 900
ip nat translation tcp-timeout 900
ip nat translation udp-timeout 900
ip nat translation syn-timeout 900
ip nat inside source list nat interface GigabitEthernet0/2 overload
ip nat inside source static tcp 192.168.20.104 9080 22.19.73.19 9080 extendable
ip nat inside source static tcp 192.168.0.10 80 22.19.73.19 9999 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 192.178.10.1
ip route 192.168.0.0 255.255.0.0 10.10.20.254
!
!
no ip http server
no ip http secure-server
!
ip access-list extended nat
permit ip any any
!
!
!
!
control-plane
!
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
logging synchronous
login local
line vty 5 15
logging synchronous
login local
!
end
HTHL_7206_Router# show ver
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.2(33)SRD2, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 20-May-09 20:57 by prod_rel_team
ROM: System Bootstrap, Version 12.3(4r)T3, RELEASE SOFTWARE (fc1)
HTHL_7206_Router uptime is 20 weeks, 5 days, 15 hours, 29 minutes
System returned to ROM by reload at 06:24:04 UTC Fri May 5 2000
System image file is "disk2:c7200-adventerprisek9-mz.122-33.SRD2.bin"
Last reload type: Normal Reload
Last reload reason: Reload command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco 7206VXR (NPE-G1) processor (revision C) with 229376K/32768K bytes of memory.
SB-1 CPU at 700Mhz, Implementation 0x401, Rev 0.2, 512KB L2 Cache
6 slot VXR midplane, Version 2.11
Last reset from power-on
PCI bus mb1 (Slots 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb1 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
PCI bus mb2 (Slots 2, 4 and 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
Please refer to the following document "Cisco 7200 Series Port Adaptor
for c7200 bandwidth points oversubscription and usage guidelines.
3 Gigabit Ethernet interfaces
509K bytes of NVRAM.
500472K bytes of ATA PCMCIA card at slot 2 (Sector size 512 bytes).
16384K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102
HTHL_7206_Router#
---------------
ASA防火牆配置SSH
以前pix上的ssh配置很簡單,現在照樣在asa上配置,結果不行,琢磨了一下,終於ok了,分享給大家
關鍵語句主要以下幾條
access-list 102 extended permit tcp any interface outside eq ssh放開外口ssh登陸
access-group 102 in interface outside外口啟用ssh
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL 開放aaa本地數據驗證,這兩句很重要,不能省略
ssh 0.0.0.0 0.0.0.0 outside開放允許ssh的埠iu
ssh timeout 45設置ssh超時時間
ssh version 1 設置ssh版本,3des才支持v2
設置用戶 username admin password privilege 15
以上幾句就可以在asa上實現ssh了
ASA5500系列命令,我發現的軟體版本7.0以上的正確配置方法如下:
//配置伺服器端
ciscoasa(config)#crypto key generate rsa modulus 1024 //指定rsa係數的大小,這個值越大,產生rsa的時間越長,cisco推薦使用1024.
ciscoasa(config)#write mem //保存剛剛產生的密鑰
ciscoasa(config)#ssh 0.0.0.0 0.0.0.0 outside //0.0.0.0 0.0.0.0表示任何外部主機都能通過SSH訪問outside介面,當然你可以指定具體的主機或網路來進行訪問,outside也可 以改為inside即表示內部通過SSH訪問防火牆ciscoasa(config)#ssh timeout 30 //設置超時時間,單位為分鐘
ciscoasa(config)#ssh version 1 //指定SSH版本,可以選擇版本2
//配置客戶端ciscoasa(config)#passwd 密碼 //passwd命令所指定的密碼為遠程訪問密碼,同樣適用於telnet 所有7.0版本以上的用戶名默認為pix,其它的版本我不知道。這裡可以看出ASA還有PIX的影子的,呵呵,網上說的ASA防火牆配置SSH通過命令"username 用戶名 password密碼"來創建帳號,我測試了n次都說帳號錯誤.由此看出軟體版本7.0上的用戶名都是pix.不信大家可以試試.
//相關命令 show ssh
//參看SSH配置信息 show crypto key mypubkey rsa //查看產生的rsa密鑰值 crypto key zeroize
//清空所有產生的密鑰 以上命令資料都是來自ASA5500系列防火牆官方配置指南和實際測試通過
1.設置用戶名:
hostname yliang
2.設置域名,在生成加密密碼時要用到用戶名和域名
ip domain-name yliang.com
3.為加密會話產生加密密鑰:
crypto key generate rsa general-keys modulus 1024
4.為SSH會話設置最大空閑定時器:
ip ssh time-out 60
5.為SSH連接設置最大失敗嘗試值:
ip ssh authentication-retries 2
line vty 0 1180
6.連接到路由器的vty線路上
transport input ssh telnet
ssh 0.0.0.0 0.0.0.0
7.配置SSH並將Telnet作為訪問協議
************************
交換機:192.168.0.254
User Access Verification
Username: 8
Password:
HXSwitch-1#show run
Building configuration...
Current configuration : 13515 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service compress-config
!
hostname HXSwitch-1
!
boot-start-marker
boot-end-marker
!
!
username hailong privilege 15 password 7 141F1302000B242C
username 8 privilege 15 password 7 130D121E04025C
no aaa new-model
ip subnet-zero
!
ip dhcp pool binguan
network 192.168.12.0 255.255.255.0
default-router 192.168.12.254
dns-server 202.102.134.68 202.102.154.3
!
ip vrf mgmtVrf
!
!
power redundancy-mode redundant
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
redundancy
mode sso
main-cpu
auto-sync startup-config
auto-sync config-register
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet1
ip vrf forwarding mgmtVrf
no ip address
speed auto
duplex auto
!
interface TenGigabitEthernet1/1
!
interface TenGigabitEthernet1/2
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
!
interface GigabitEthernet1/5
!
interface GigabitEthernet1/6
!
interface TenGigabitEthernet2/1
!
interface TenGigabitEthernet2/2
!
interface GigabitEthernet2/3
!
interface GigabitEthernet2/4
!
interface GigabitEthernet2/5
!
interface GigabitEthernet2/6
!
interface GigabitEthernet4/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/5
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/6
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/7
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/8
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/9
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/11
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/12
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/13
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/14
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/15
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/16
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/17
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/18
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/19
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/20
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/21
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/22
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/23
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/24
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/25
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/26
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/27
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/28
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/29
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/30
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/31
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/32
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/33
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/34
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/35
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/36
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/37
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/38
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/39
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/40
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/41
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/42
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/43
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/44
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet4/45
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet4/46
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet4/47
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet4/48
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet6/1
no switchport
ip address 10.10.20.252 255.255.255.0
standby 88 ip 10.10.20.254
standby 88 priority 120
standby 88 preempt
!
interface GigabitEthernet6/2
switchport access vlan 2
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet6/3
!
interface GigabitEthernet6/4
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/5
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/6
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/7
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/8
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/9
switchport access vlan 2
switchport mode access
interface GigabitEthernet6/9
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/10
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/11
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/12
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/13
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/14
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/15
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/16
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/17
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/18
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/19
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/20
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/21
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/22
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/23
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/24
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/25
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/26
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/27
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/28
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/29
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/30
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/31
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet6/32
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/33
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/34
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/35
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/36
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/37
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/38
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet6/39
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet6/40
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet6/41
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet6/42
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet6/43
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet6/44
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet6/45
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet6/46
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet6/47
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface GigabitEthernet6/48
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
!
interface Vlan1
ip address 172.16.1.1 255.255.255.0
!
interface Vlan2
description *Server*
ip address 192.168.0.252 255.255.255.0
vrrp 2 ip 192.168.0.254
vrrp 2 priority 120
!
interface Vlan3
description *xinxizhongxin*
ip address 192.168.1.252 255.255.255.0
vrrp 3 ip 192.168.1.254
!
interface Vlan4
description *zonghelou*
ip address 192.168.2.252 255.255.255.0
vrrp 4 ip 192.168.2.254
!
interface Vlan5
description *changsifenchang*
ip address 192.168.3.252 255.255.255.0
vrrp 5 ip 192.168.3.254
vrrp 5 priority 120
!
interface Vlan6
description *duanyifenchang*
ip address 192.168.4.252 255.255.255.0
vrrp 6 ip 192.168.4.254
!
interface Vlan7
description *duanerfenchang*
ip address 192.168.5.252 255.255.255.0
vrrp 7 ip 192.168.5.254
!
interface Vlan8
description *donglifenchang*
ip address 192.168.6.252 255.255.255.0
vrrp 8 ip 192.168.6.254
!
interface Vlan9
description *jiangfengongchang*
ip address 192.168.7.252 255.255.255.0
vrrp 9 ip 192.168.7.254
!
interface Vlan10
description *xinduansier*
ip address 192.168.8.252 255.255.255.0
vrrp 10 ip 192.168.8.254
!
interface Vlan12
description *changsifenchang*
ip address 192.168.10.252 255.255.255.0
vrrp 12 ip 192.168.10.254
vrrp 12 priority 120
!
interface Vlan13
description *jiyuan&gongxiaogongsi*
ip address 192.168.11.252 255.255.255.0
vrrp 13 ip 192.168.11.254
!
interface Vlan14
description *binguan*
ip address 192.168.12.252 255.255.255.0
vrrp 14 ip 192.168.12.254
!
interface Vlan15
description *changchuchubei*
ip address 192.168.13.252 255.255.255.0
vrrp 15 ip 192.168.13.254
!
interface Vlan17
description *wushuichejian*
ip address 192.168.15.252 255.255.255.0
vrrp 17 ip 192.168.15.254
!
interface Vlan18
description *duansanfenchang*
ip address 192.168.16.252 255.255.255.0
vrrp 18 ip 192.168.16.254
vrrp 18 priority 120
!
interface Vlan20
description *jishuzhongxin*
ip address 192.168.18.252 255.255.255.0
vrrp 20 ip 192.168.18.254
!
interface Vlan24
description *xinzongcaiwu*
ip address 192.168.22.252 255.255.255.0
vrrp 24 ip 192.168.22.254
vrrp 24 priority 120
!
interface Vlan25
description *xinzongcaiwu*
ip address 192.168.23.252 255.255.255.0
vrrp 25 ip 192.168.23.254
vrrp 25 priority 120
!
interface Vlan26
description *xinzongcaiwu*
ip address 192.168.24.252 255.255.255.0
vrrp 26 ip 192.168.24.254
vrrp 26 priority 120
!
interface Vlan30
description *jianyanchu*
ip address 192.168.28.252 255.255.255.0
vrrp 30 ip 192.168.28.254
vrrp 30 priority 120
!
interface Vlan31
description *cangchulingdaou*
ip address 192.168.29.252 255.255.255.0
vrrp 31 ip 192.168.29.254
vrrp 31 priority 120
!
interface Vlan42
description *xinzongcaiwu2*
ip address 192.168.40.252 255.255.255.0
vrrp 42 ip 192.168.40.254
vrrp 42 priority 120
!
interface Vlan172
ip address 172.16.8.1 255.255.255.0
vrrp 172 ip 172.16.8.254
vrrp 172 priority 120
!
router rip
version 2
network 192.168.8.0
network 192.168.10.0
network 192.168.24.0
network 192.168.28.0
network 192.168.30.0
network 192.168.31.0
network 192.168.40.0
!
ip route 0.0.0.0 0.0.0.0 10.10.20.1
ip http server
!
control-plane
!
!
line con 0
stopbits 1
line vty 0 4
login local
!
!
monitor session 1 source interface Gi4/1 - 32
monitor session 1 source interface Gi6/1
monitor session 1 destination interface Gi6/3
end
TAG:網管愛好者 |