核心交换机的配置过程

2023-03-24 1 分钟阅读

目录

换了公司,也搞起了桌面运维,配置交换机的过程记录一下,其实很简单,就是命令记不住。

拿到一台华为交换机,重新初始化后,配置如下:

 1<HUAWEI>dis cur
 2!Software Version V200R008C00SPC500
 3#
 4sysname HUAWEI
 5#
 6aaa
 7 authentication-scheme default
 8 authorization-scheme default
 9 accounting-scheme default
10 domain default
11 domain default_admin
12 local-user admin password irreversible-cipher %^%#7:.iL]+u"4\j8ZFhGeg/-m.&"^0}kMznjk%>;BaUDO/'6m\X\=V8JGY:W;i,%^%#
13 local-user admin service-type http
14#
15interface Vlanif1
16#
17interface MEth0/0/1
18#
19interface GigabitEthernet0/0/1
20#                                         
21interface NULL0
22#
23user-interface con 0
24 authentication-mode password
25 set authentication password cipher $1a$~!;$-JF0-W$Z><1.F]<sF.R_NBj34CJ/JPe=/tZDMM(Ws3'9u%+$
26user-interface vty 0 4
27user-interface vty 16 20
28#
29return

一、配名称

1sysname BJ_FANGHENG_JIERU

二、配置登录用户

 11、aaa
 2local-user admin password irreversible-cipher abcdefg
 3local-user admin privilege level 3
 4local-user admin service-type telnet terminal ssh
 5
 62、user-interface con 0
 7authentication-mode aaa
 8
 93、user-interface vty 0 4
10authentication-mode aaa
11protocol inbound all

三、配置下联交换机端口

1interface GigabitEthernet0/0/23
2 description == H3cSW --> 24
3 port link-type trunk
4 port trunk allow-pass vlan 2 to 4094

四、配置上联交换机端口

1interface GigabitEthernet0/0/24
2 description == RuijieRoute --> lan0
3 port link-type trunk
4 port trunk allow-pass vlan 2 to 4094

五、配置vlan地址

 1vlan 11
 2vlan 100
 3
 4vlan 11
 5 interface Vlanif11
 6 ip address 10.8.0.7 255.255.254.0
 7 
 8vlan 100
 9 interface Vlanif100
10 ip address 192.168.10.7 255.255.255.0

六、配置缺省路由

1ip route-static 0.0.0.0 0.0.0.0 10.8.0.1

七、批量配置端口

1port-group group-member GigabitEthernet0/0/1 to GigabitEthernet0/0/23
2port link-type access
3port default vlan 11
4stp edged-port enable

八、lldp

1lldp enable

九、dhcp

 1dhcp enable
 2ip pool 11
 3 gateway-list 10.8.0.1
 4 network 10.8.0.0 mask 255.255.254.0
 5 static-bind ip-address 10.8.0.4 mac-address 8005-88f1-fa62
 6 dns-list 114.114.114.114
 7 
 8interface Vlanif11
 9 description === Ke hu duan
10 ip address 10.8.0.1 255.255.254.0
11 dhcp select global

十、telnet和ssh

1dsa local-key-pair create
2
3telnet server enable
4
5stelnet server enable
6ssh authentication-type default password

这样就完成了一台核心设备的简单配置

Hubot集成企业钉钉
使用ipset来禁止国外的用户登录openvpn

相关文章

comments powered by Disqus