企業項目拓撲2

時間 2019-11-10

標籤企業項目拓撲简体版

原文原文鏈接

某企業骨幹網絡拓撲以下圖所示：

企業網絡要求以下：

實驗要求：
1.SW1爲vlan 10的主網關，vlan 20的備份網關；
2.SW2爲vlan 20的主網關，vlan 10的備份網關；
3.DHCP服務器在vlan 66，網關在SW2上面；
4.PC一、PC2自動獲取ip地址且能夠互相ping通；
5.企業內網運行OSPF協議；
6.僅容許Client1所在網絡能夠訪問Server1服務器；
7.企業內網設備僅容許被DHCP服務器遠程管理；
8.外網R2能夠遠程管理DHCP服務器。服務器

第一步：配置基本網絡；

SW1配置以下
sysname SW1
vlan batch 10 20 66 100
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100
interface GigabitEthernet0/0/10
port link-type trunk
port trunk allow-pass vlan all
interface Vlanif10
ip address 192.168.10.251 255.255.255.0
interface Vlanif20
ip address 192.168.20.251 255.255.255.0
interface Vlanif100
ip address 192.168.100.2 255.255.255.0
SW2配置以下
sysname SW2
vlan batch 10 20 66 200
interface GigabitEthernet0/0/1
port link-type access
port default vlan 20
interface GigabitEthernet0/0/3
port link-type access
port default vlan 200
interface GigabitEthernet0/0/10
port link-type trunk
port trunk allow-pass vlan all
interface GigabitEthernet0/0/11
port link-type access
port default vlan 66
interface Vlanif10
ip address 192.168.10.252 255.255.255.0
interface Vlanif20
ip address 192.168.20.252 255.255.255.0
interface Vlanif66
ip address 192.168.66.1 255.255.255.0
interface Vlanif200
ip address 192.168.200.2 255.255.255.0
DHCP配置以下
sysname DHCP
interface GigabitEthernet0/0/0
ip address 192.168.66.2 255.255.255.0
R1配置以下
sysname R1
interface g0/0/0
ip address 100.1.1.2 24
interface g0/0/1
ip address 192.168.100.1 24
interface g0/0/2
ip address 192.168.200.1 24
R2配置以下
sysname R2
interface g0/0/0
ip address 100.1.1.1 24
interface g0/0/1
ip address 200.1.1.254 24網絡

第二步：配置企業內網OSPF;

OSPF配置：
R1配置以下
ip route-static 0.0.0.0 0.0.0.0 100.1.1.1
ospf 1
default-route-advertise always
area 0
network 192.168.100.0 0.0.0.255
network 192.168.200.0 0.0.0.255
SW1配置以下
ospf 1
area 0
network 192.168.10.0 0.0.0.255
network 192.168.20.0 0.0.0.255
network 192.168.100.0 0.0.0.255
SW2配置以下
ospf 1
area 0
network 192.168.10.0 0.0.0.255
network 192.168.20.0 0.0.0.255
network 192.168.66.0 0.0.0.255
network 192.168.200.0 0.0.0.255
DHCP配置以下
ospf 1
area 0
network 192.168.66.0 0.0.0.255 tcp

第三步：配置VRRP;

SW1配置
interface Vlanif10
vrrp vrid 10 virtual-ip 192.168.10.250
vrrp vrid 10 priority 200
interface Vlanif20
vrrp vrid 20 virtual-ip 192.168.20.250
SW2配置
interface Vlanif10
vrrp vrid 10 virtual-ip 192.168.10.250
interface Vlanif20
vrrp vrid 20 virtual-ip 192.168.20.250
vrrp vrid 20 priority 200ide

第四步：DHCP配置
DHCP配置
dhcp enable
interface GigabitEthernet0/0/0
dhcp select global
ip pool p1
gateway-list 192.168.10.250
network 192.168.10.0 mask 255.255.255.0
dns-list 8.8.8.8
ip pool p2
gateway-list 192.168.20.250
network 192.168.20.0 mask 255.255.255.0
dns-list 8.8.8.8
SW1配置
dhcp enable
interface Vlanif10
dhcp select relay
dhcp relay server-ip 192.168.66.2
interface Vlanif20
dhcp select relay
dhcp relay server-ip 192.168.66.2
SW2配置
dhcp enable
interface Vlanif10
dhcp select relay
dhcp relay server-ip 192.168.66.2
interface Vlanif20
dhcp select relay
dhcp relay server-ip 192.168.66.2ui

第五步：配置PAT和遠程管理；

R1配置以下：
acl 2000
rule 10 permit source 192.168.10.0 0.0.0.255
quit
interface GigabitEthernet0/0/0
nat outbound 2000
nat server protocol tcp global 100.1.1.2 8080 inside 192.168.66.1 telnet
quit
acl number 3000
rule 10 permit tcp source 192.168.66.2 0 destination-port eq telnet
user-interface vty 0 4
acl 3000 inbound
authentication-mode password
123code

最後，進行項目驗證，完成！

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。