思科路由器配置vlan
思科路由器命令大全(完整版)
思科路由器命令大全(完整版)思科路由器命令大全(完整版)本文档旨在提供思科路由器命令的详细说明和使用指南,包括路由器配置、网络管理、安全性设置等内容。
每个章节都详细介绍了不同的命令和参数,以帮助用户更好地理解和使用思科路由器。
1:路由器基本配置1.1 主机名设置1.2 用户名和密码设置1.3 IP 地址和子网掩码配置1.4 默认网关配置2:接口配置2.1 以太网接口配置2.2 串行接口配置2.3 子接口配置2.4 虚拟局域网 (VLAN) 配置3:路由协议配置3.1 静态路由配置3.2 动态路由配置3.2.1 RIP 配置3.2.2 OSPF 配置3.2.3 BGP 配置4:网络管理4.1 SNMP 配置4.2 NetFlow 配置4.3 Syslog 配置4.4 路由器时间设置5:安全性配置5.1 访问控制列表 (ACL) 配置5.2 VPN 配置5.3 防火墙配置5.4 AAA 配置附件:本文档附带的附件包括示例配置文件、命令输出示例等,以帮助读者更好地理解和应用文档中的内容。
法律名词及注释:本文档所涉及的法律名词及其注释如下:1:主机名:指路由器的主机标识名称,用于在网络中识别路由器。
2:用户名和密码:用于登录和管理路由器的凭证信息。
3: IP 地址:网络协议中用于唯一标识设备的数字地址。
4:子网掩码:用于标识 IP 地址中网络部分和主机部分的分界线。
5:默认网关:用于转发网络流量的下一跳路由器。
6:以太网接口:用于连接局域网设备的物理接口。
7:串行接口:用于连接广域网设备的物理接口。
8:子接口:在一个物理接口上创建多个逻辑接口,用于实现VLAN 分隔等功能。
9:虚拟局域网 (VLAN):用于将局域网划分成多个逻辑网络的技术。
10:静态路由:手动配置的路由表项,用于指定数据包传输的路径。
11:动态路由:根据路由协议动态学习和更新的路由表项,用于自动路由选择。
12: RIP:路由信息协议,一种距离向量路由协议。
思科路由器如何配置VLAN的IP
思科路由器如何配置VLAN的IP我们的思科路由器如何配置VLAN的IP呢?想必很多网络技术的新手都不清楚,所以小编这里就推荐下配置VLAN的IP方法和介绍VLAN给你们认识认识。
VLAN:英文全称为Virtual Local Area Network,中文称虚拟局域网,VLAN其实就相当于一个小型网络的统称,如校园网内有三个不同网段,分别为10.0.0.0、172.16.1.0和192.168.1.0,我们可以分别将这三个网段划分为三个不同的VLAN,以便于管理。
举个例子,只允许10.0.0.0网段访问172.16.1.0网段,不能访问192.168.1.0网段,此时VLAN的好处显露无疑。
今天笔者同大家分享思科路由器如何配置VLAN的IP。
1、启动计算机并连接到思科路由器,进入VLAN配置模式。
在命令行提示符下键入以下命令,然后按ENTER键host1(config)#interface fastEthernet 4/0请注意,在这个例子中,我们指定的VLAN使用的是快速以太网连接,标有“快速以太网”。
2、对VLAN进行封装,输入以下命令:host1(config-if)#encapsulation vlan3、创建一个子接口的VLAN,这将主机的IP,通过添加一个子识别号码。
键入以下命令,然后按ENTER键。
host1(config-if)#interface fastEthernet 4/0.354、指定的VLAN ID,通过键入以下命令Read more: How to Configure a VLAN IP | "host1(config-if)#vlan id 333",5、分配给VLAN的IP地址,在命令提示符下键入以下命令,然后按回车键。
host1(config-if)#IP address 192.168.1.13 255.255.255.0通过这5个命令,你就成功在路由器上的VLAN配置了IP地址了,是不是很简单呢。
cisco RV 120W 路由器配置成VLAN交换机
思科RV 120W 路由器配置成小型交換機1、使用網線把電腦和交換機LAN1或其他LAN口相連接。
2、打開IE流覽器輸入192.168.1.1(新交換機默認IP)。
3、在下圖中輸用戶名:admin,密碼為admin或為空(默認)點擊Log In 登錄。
用戶登錄4、思科RV 120W設置界面如下:5、設置路由訪問IP和關閉DHCP:設置路由訪問IP選擇DHCP是否關閉6、關閉無線網絡,進入以下界面。
無線開啟狀態顯示7、選擇要更改的無線網AP,點擊Edit,進入設置無線網絡是否開啟界面:8、重設用戶名和密碼:9、新建VLAN勾選為開啟,取消勾選為關閉修改用戶名稱修改密碼保存已建好VLAN點Add 添加VLAN10、點Add 添加VLAN輸入VALN描述名稱ID編號名稱保存11、輸入VALN描述名稱和ID編號(根據實際情況自己設定),點Save保存。
12、設置VLAN IP地址和子網掩码13、選擇要編輯的VLAN號,點擊Edit。
14、修改后關閉DHCP點擊保存。
15、VLAN端口分配:已設定VLAN IP地址勾選要編輯的VLAN ID點擊Edit修改VLAN IP地址和子網掩码修改VLANIP地址和子選擇DHCP是否關閉端口分配狀態勾選要編輯的端口,點擊Edit16、選擇要編輯的端口,點擊Edit端口類型選擇設定其端口要開放的VLAN ID編號17、先選擇端口類型(Trunk用于交換機级联,General為一般通用接口,Aceess用于設定開放VLAN對象),保存,選擇端口類型后選要開放的VLAN ID編號,保存。
思科7960路由器如何配置Voicevlan
思科7960路由器如何配置Voice vlan思科是全球高端顶尖的通讯厂商,他出产的路由器功能也是世界级的,那么你知道思科7960路由器如何配置Voice vlan吗?下面是店铺整理的一些关于思科7960路由器如何配置Voice vlan的相关资料,供你参考。
思科7960路由器配置Voice vlan的方法:cisco7960 P1连接3550 F0/5端口用IEEE 802.1Qframes标准端口承载语音流量switchconf tmls qosvlan 2name accessexitvlan 3name voiceexitinterface f0/5mls qos trust cosswitchport mode accessswitchport access vlan 3switchport voice vlan 2end校验SW2#sh int fast 0/5 switchportName: Fa0/5Switchport: EnabledAdministrative Mode: static accessOperational Mode: static accessAdministrative Trunking Encapsulation: negotiateOperational Trunking Encapsulation: nativeNegotiation of Trunking: OffAccess Mode VLAN: 2 (access)Trunking Native Mode VLAN: 1 (default)Voice VLAN: 3 (vioce)Administrative private-vlan host-association: noneAdministrative private-vlan mapping: noneAdministrative private-vlan trunk native VLAN: noneAdministrative private-vlan trunk encapsulation: dot1qAdministrative private-vlan trunk normal VLANs: noneAdministrative private-vlan trunk private VLANs: noneOperational private-vlan: noneTrunking VLANs Enabled: ALLPruning VLANs Enabled: 2-1001Capture Mode DisabledCapture VLANs Allowed: ALLProtected: falseUnknown unicast blocked: disabledUnknown multicast blocked: disabledAppliance trust: noneSW2#sh spanning-tree interface f 0/5 portfastVLAN0002 enabled配置VOICE VLAN的802.1P priority-taged frames标准配置端口承载运因流量。
思科4506路由器全网络配置方案
思科4506全网络配置方案1. 网络拓扑2. 配置文档中心机房配置2台Catalyst4506,互为冗余备份,通过一台PIX525防火墙连接互联网。
接入交换机配置Catalyst3750/3560,每台接入交换机配置2条TRUNK端口,分别连接到核心交换机。
整个网络部署9个Vlan,Vlan1为管理vlan,其余8个Vlan为用户Vlan。
每个用户Vlan分配一个C类ip地址段,其中x.x.x.1为网关,x.x.x.1-x.x.x.99保留为手动ip配置,x.x.x.100-x.x.x.254作为dhcp动态分配的Vlan用户使用。
(1)主核心交换机Catalyst4506配置。
SW4500-1#SW4500-1#wr tBuilding configuration...Current configuration : 9687 bytes!version 12.2no service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryptionservice compress-config!hostname SW4500-1!boot-start-markerboot system flash bootflash:cat4500-ipbase-mz.122-31.SGA6.bin boot-end-marker!enable secret cisco!no aaa new-modelip subnet-zerono ip domain-lookupip host fw 192.168.201.100ip host sw2 192.168.201.3ip dhcp excluded-address 192.168.202.1 192.168.202.99ip dhcp excluded-address 192.168.203.1 192.168.203.99ip dhcp excluded-address 192.168.204.1 192.168.204.99ip dhcp excluded-address 192.168.205.1 192.168.205.99ip dhcp excluded-address 192.168.206.1 192.168.206.99ip dhcp excluded-address 192.168.207.1 192.168.207.99ip dhcp excluded-address 192.168.208.1 192.168.208.99ip dhcp excluded-address 192.168.209.1 192.168.209.99ip dhcp excluded-address 192.168.210.1 192.168.210.99ip dhcp excluded-address 192.168.201.1 192.168.201.20ip dhcp excluded-address 192.168.201.100 192.168.201.126 !ip dhcp pool vlan2network 192.168.202.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.202.1lease 0 8!ip dhcp pool vlan3network 192.168.203.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.203.1lease 0 8!ip dhcp pool vlan4network 192.168.204.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.204.1lease 0 8!ip dhcp pool vlan5network 192.168.205.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.205.1lease 0 8!ip dhcp pool vlan6network 192.168.206.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.206.1lease 0 8!ip dhcp pool vlan7network 192.168.207.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.207.1lease 0 8!ip dhcp pool vlan8network 192.168.208.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.208.1lease 0 8!ip dhcp pool vlan9network 192.168.209.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.209.1lease 0 8!ip dhcp pool vlan10network 192.168.210.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.210.1lease 0 8!ip dhcp pool vlan1network 192.168.201.0 255.255.255.128 dns-server 202.99.224.8 202.106.0.20default-router 192.168.201.1lease 0 8!!!!power redundancy-mode redundantno file verify auto!spanning-tree mode pvstspanning-tree extend system-idspanning-tree vlan 1-10 priority 24576!vlan internal allocation policy ascending!interface GigabitEthernet1/1!interface GigabitEthernet1/2!interface GigabitEthernet2/1description LinkToSW4500-2 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet2/2switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet2/3 switchport mode trunk!interface GigabitEthernet2/4 switchport mode trunk!interface GigabitEthernet2/5 switchport mode trunk!interface GigabitEthernet2/6 switchport mode trunk!interface GigabitEthernet2/7 switchport mode trunk!interface GigabitEthernet2/8 switchport mode trunk!interface GigabitEthernet2/9 switchport mode trunk!interface GigabitEthernet2/10 switchport mode trunk!interface GigabitEthernet2/11 switchport mode trunk!interface GigabitEthernet2/12 switchport mode trunk!interface GigabitEthernet2/13 switchport mode trunk!interface GigabitEthernet2/14 switchport mode trunk!interface GigabitEthernet2/15 switchport mode trunk!interface GigabitEthernet2/16 switchport mode trunk!interface GigabitEthernet2/17 switchport mode trunk!interface GigabitEthernet2/18 switchport mode trunk!interface GigabitEthernet3/1 description LinkToFirewall switchport mode access spanning-tree portfast!interface GigabitEthernet3/2 switchport mode access spanning-tree portfast!interface GigabitEthernet3/3 description Cisco net manager switchport mode access spanning-tree portfast!interface GigabitEthernet3/4 switchport mode access spanning-tree portfast!interface GigabitEthernet3/5 switchport mode access spanning-tree portfast!interface GigabitEthernet3/6 switchport mode access spanning-tree portfast!interface GigabitEthernet3/7 switchport mode access spanning-tree portfast!interface GigabitEthernet3/8 switchport mode access spanning-tree portfast!interface GigabitEthernet3/9 switchport mode access spanning-tree portfastinterface GigabitEthernet3/10 switchport mode access spanning-tree portfast!interface GigabitEthernet3/11 switchport mode access spanning-tree portfast!interface GigabitEthernet3/12 switchport mode access spanning-tree portfast!interface GigabitEthernet3/13 switchport mode access spanning-tree portfast!interface GigabitEthernet3/14 switchport mode access spanning-tree portfast!interface GigabitEthernet3/15 switchport mode access spanning-tree portfast!interface GigabitEthernet3/16 switchport mode access spanning-tree portfast!interface GigabitEthernet3/17 switchport mode access spanning-tree portfast!interface GigabitEthernet3/18 switchport mode access spanning-tree portfast!interface GigabitEthernet3/19 switchport mode access spanning-tree portfast!interface GigabitEthernet3/20 switchport mode access spanning-tree portfastinterface GigabitEthernet3/21 switchport mode access spanning-tree portfast!interface GigabitEthernet3/22 switchport mode access spanning-tree portfast!interface GigabitEthernet3/23 switchport mode access spanning-tree portfast!interface GigabitEthernet3/24 switchport mode access spanning-tree portfast!interface GigabitEthernet3/25 switchport mode access spanning-tree portfast!interface GigabitEthernet3/26 switchport mode access spanning-tree portfast!interface GigabitEthernet3/27 switchport mode access spanning-tree portfast!interface GigabitEthernet3/28 switchport mode access spanning-tree portfast!interface GigabitEthernet3/29 switchport mode access spanning-tree portfast!interface GigabitEthernet3/30 switchport mode access spanning-tree portfast!interface GigabitEthernet3/31 switchport mode access spanning-tree portfastinterface GigabitEthernet3/32 switchport mode accessspanning-tree portfast!interface GigabitEthernet3/33!interface GigabitEthernet3/34!interface GigabitEthernet3/35!interface GigabitEthernet3/36!interface GigabitEthernet3/37!interface GigabitEthernet3/38!interface GigabitEthernet3/39!interface GigabitEthernet3/40!interface GigabitEthernet3/41 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/42 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/43 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/44 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/45 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/46 switchport trunk encapsulation dot1q switchport mode trunkinterface GigabitEthernet3/47switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/48switchport trunk encapsulation dot1q switchport mode trunk!interface Vlan1ip address 192.168.201.2 255.255.255.128 standby 1 ip 192.168.201.1standby 1 preempt!interface Vlan2ip address 192.168.202.2 255.255.255.0 standby 1 ip 192.168.202.1standby 1 preempt!interface Vlan3ip address 192.168.203.2 255.255.255.0 standby 1 ip 192.168.203.1standby 1 preempt!interface Vlan4ip address 192.168.204.2 255.255.255.0 standby 1 ip 192.168.204.1standby 1 preempt!interface Vlan5ip address 192.168.205.2 255.255.255.0 standby 1 ip 192.168.205.1standby 1 preempt!interface Vlan6ip address 192.168.206.2 255.255.255.0 standby 1 ip 192.168.206.1standby 1 preempt!interface Vlan7ip address 192.168.207.2 255.255.255.0 standby 1 ip 192.168.207.1standby 1 preempt!interface Vlan8ip address 192.168.208.2 255.255.255.0standby 1 ip 192.168.208.1standby 1 preempt!interface Vlan9ip address 192.168.209.2 255.255.255.0standby 1 ip 192.168.209.1standby 1 preempt!ip route 0.0.0.0 0.0.0.0 192.168.201.100ip http server!!!snmp-server community public-nm ROsnmp-server community private-nm RWsnmp-server chassis-id snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps ttysnmp-server enable traps fru-ctrlsnmp-server enable traps entitysnmp-server enable traps flash insertion removalsnmp-server enable traps cpu thresholdsnmp-server enable traps vtpsnmp-server enable traps vlancreatesnmp-server enable traps vlandeletesnmp-server enable traps envmon fan shutdown supply temperature statussnmp-server enable traps port-securitysnmp-server enable traps rfsnmp-server enable traps config-copysnmp-server enable traps configsnmp-server enable traps hsrpsnmp-server enable traps ipmulticastsnmp-server enable traps mac-notification change move thresholdsnmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message snmp-server enable traps bridge newroot topologychangesnmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency snmp-server enable traps syslogsnmp-server enable traps vlan-membershipsnmp-server host 192.168.201.101 public-nm!control-plane!!line con 0stopbits 1line vty 0 4password ciscologin!endSW4500-1# sh cdp neiCapability Codes: R - Router, T - Trans Bridge, B - Source Route BridgeS - Switch, H - Host, I - IGMP, r - Repeater, P - PhoneDevice ID Local Intrfce Holdtme Capability Platform Port IDSW4500-2 Gig 2/1 136 R S I WS-C4506 Gig 2/1 bangonglou2 Gig 3/48 162 S I WS-C3750G Gig 1/0/23 bangonglou1 Gig 3/47 126 S I WS-C3750G Gig 1/0/23SW4500-1#sw2Trying sw2 (192.168.201.3)... OpenUser Access VerificationPassword:SW4500-2>enPassword:SW4500-2#wr tBuilding configuration...Current configuration : 9011 bytes!version 12.2no service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryptionservice compress-config!hostname SW4500-2!boot-start-markerboot system flash bootflash:cat4500-ipbase-mz.122-31.SGA6.binboot-end-marker!enable secret 5 $1$qdQu$9POGVGQrtfz7hMOiRKf/k.!no aaa new-modelip subnet-zerono ip domain-lookupip host sw1 192.168.201.2ip dhcp excluded-address 192.168.202.1 192.168.202.99ip dhcp excluded-address 192.168.203.1 192.168.203.99ip dhcp excluded-address 192.168.204.1 192.168.204.99ip dhcp excluded-address 192.168.205.1 192.168.205.99ip dhcp excluded-address 192.168.206.1 192.168.206.99ip dhcp excluded-address 192.168.207.1 192.168.207.99ip dhcp excluded-address 192.168.208.1 192.168.208.99ip dhcp excluded-address 192.168.209.1 192.168.209.99ip dhcp excluded-address 192.168.210.1 192.168.210.99ip dhcp excluded-address 192.168.201.1 192.168.201.20ip dhcp excluded-address 192.168.201.100 192.168.201.126 !ip dhcp pool vlan2network 192.168.202.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.202.1lease 0 8!ip dhcp pool vlan3network 192.168.203.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.203.1lease 0 8!ip dhcp pool vlan4network 192.168.204.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.204.1lease 0 8!ip dhcp pool vlan5network 192.168.205.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.205.1lease 0 8!ip dhcp pool vlan6network 192.168.206.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.206.1lease 0 8!ip dhcp pool vlan7network 192.168.207.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.207.1lease 0 8!ip dhcp pool vlan8network 192.168.208.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.208.1lease 0 8!ip dhcp pool vlan9network 192.168.209.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.209.1lease 0 8!ip dhcp pool vlan10network 192.168.210.0 255.255.255.0dns-server 202.99.224.8 202.106.0.20default-router 192.168.210.1lease 0 8!ip dhcp pool vlan1network 192.168.201.0 255.255.255.128 dns-server 202.99.224.8 202.106.0.20default-router 192.168.201.1lease 0 8!!!!power redundancy-mode redundantno file verify auto!spanning-tree mode pvstspanning-tree extend system-idspanning-tree vlan 1-10 priority 28672 !vlan internal allocation policy ascending !interface GigabitEthernet1/1!interface GigabitEthernet1/2!interface GigabitEthernet2/1 description LINkToSW4500-1 switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet2/2!interface GigabitEthernet2/3!interface GigabitEthernet2/4!interface GigabitEthernet2/5!interface GigabitEthernet2/6!interface GigabitEthernet2/7!interface GigabitEthernet2/8!interface GigabitEthernet2/9!interface GigabitEthernet2/10!interface GigabitEthernet2/11!interface GigabitEthernet2/12!interface GigabitEthernet2/13!interface GigabitEthernet2/14!interface GigabitEthernet2/15!interface GigabitEthernet2/16!interface GigabitEthernet2/17interface GigabitEthernet2/18 !interface GigabitEthernet3/1 description LinkToFirewall switchport mode access spanning-tree portfast!interface GigabitEthernet3/2 switchport mode access spanning-tree portfast!interface GigabitEthernet3/3 description Cisco net manager switchport mode access spanning-tree portfast!interface GigabitEthernet3/4 switchport mode access spanning-tree portfast!interface GigabitEthernet3/5 switchport mode access spanning-tree portfast!interface GigabitEthernet3/6 switchport mode access spanning-tree portfast!interface GigabitEthernet3/7 switchport mode access spanning-tree portfast!interface GigabitEthernet3/8 switchport mode access spanning-tree portfast!interface GigabitEthernet3/9 switchport mode access spanning-tree portfast!interface GigabitEthernet3/10 switchport mode access spanning-tree portfastinterface GigabitEthernet3/11 switchport mode access spanning-tree portfast!interface GigabitEthernet3/12 switchport mode access spanning-tree portfast!interface GigabitEthernet3/13 switchport mode access spanning-tree portfast!interface GigabitEthernet3/14 switchport mode access spanning-tree portfast!interface GigabitEthernet3/15 switchport mode access spanning-tree portfast!interface GigabitEthernet3/16 switchport mode access spanning-tree portfast!interface GigabitEthernet3/17 switchport mode access spanning-tree portfast!interface GigabitEthernet3/18 switchport mode access spanning-tree portfast!interface GigabitEthernet3/19 switchport mode access spanning-tree portfast!interface GigabitEthernet3/20 switchport mode access spanning-tree portfast!interface GigabitEthernet3/21 switchport mode access spanning-tree portfastinterface GigabitEthernet3/22 switchport mode access spanning-tree portfast!interface GigabitEthernet3/23 switchport mode access spanning-tree portfast!interface GigabitEthernet3/24 switchport mode access spanning-tree portfast!interface GigabitEthernet3/25 switchport mode access spanning-tree portfast!interface GigabitEthernet3/26 switchport mode access spanning-tree portfast!interface GigabitEthernet3/27 switchport mode access spanning-tree portfast!interface GigabitEthernet3/28 switchport mode access spanning-tree portfast!interface GigabitEthernet3/29 switchport mode access spanning-tree portfast!interface GigabitEthernet3/30 switchport mode access spanning-tree portfast!interface GigabitEthernet3/31 switchport mode access spanning-tree portfast!interface GigabitEthernet3/32 switchport mode access spanning-tree portfastinterface GigabitEthernet3/33!interface GigabitEthernet3/34!interface GigabitEthernet3/35!interface GigabitEthernet3/36!interface GigabitEthernet3/37!interface GigabitEthernet3/38!interface GigabitEthernet3/39!interface GigabitEthernet3/40!interface GigabitEthernet3/41switchport trunk encapsulation dot1q switchport mode trunk!interface GigabitEthernet3/42!interface GigabitEthernet3/43!interface GigabitEthernet3/44!interface GigabitEthernet3/45!interface GigabitEthernet3/46!interface GigabitEthernet3/47!interface GigabitEthernet3/48!interface Vlan1ip address 192.168.201.3 255.255.255.128 standby 1 ip 192.168.201.1standby 1 priority 95standby 1 preempt!interface Vlan2ip address 192.168.202.3 255.255.255.0 standby 1 ip 192.168.202.1standby 1 priority 95standby 1 preempt!interface Vlan3ip address 192.168.203.3 255.255.255.0 standby 1 ip 192.168.203.1standby 1 priority 95standby 1 preempt!interface Vlan4ip address 192.168.204.3 255.255.255.0 standby 1 ip 192.168.204.1standby 1 priority 95standby 1 preempt!interface Vlan5ip address 192.168.205.3 255.255.255.0 standby 1 ip 192.168.205.1standby 1 priority 95standby 1 preempt!interface Vlan6ip address 192.168.206.3 255.255.255.0 standby 1 ip 192.168.206.1standby 1 priority 95standby 1 preempt!interface Vlan7ip address 192.168.207.3 255.255.255.0 standby 1 ip 192.168.207.1standby 1 priority 95standby 1 preempt!interface Vlan8ip address 192.168.208.3 255.255.255.0 standby 1 ip 192.168.208.1standby 1 priority 95standby 1 preempt!interface Vlan9ip address 192.168.209.3 255.255.255.0 standby 1 ip 192.168.209.1standby 1 priority 95standby 1 preempt!ip route 0.0.0.0 0.0.0.0 192.168.201.100ip http server!!!snmp-server community public-nm ROsnmp-server community private-nm RWsnmp-server chassis-id snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps ttysnmp-server enable traps fru-ctrlsnmp-server enable traps entitysnmp-server enable traps flash insertion removalsnmp-server enable traps cpu thresholdsnmp-server enable traps vtpsnmp-server enable traps vlancreatesnmp-server enable traps vlandeletesnmp-server enable traps envmon fan shutdown supply temperature statussnmp-server enable traps port-securitysnmp-server enable traps rfsnmp-server enable traps config-copysnmp-server enable traps configsnmp-server enable traps hsrpsnmp-server enable traps ipmulticastsnmp-server enable traps mac-notification change move thresholdsnmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message snmp-server enable traps bridge newroot topologychangesnmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency snmp-server enable traps syslogsnmp-server enable traps vlan-membershipsnmp-server host 192.168.201.101 public-nm!control-plane!!line con 0stopbits 1line vty 0 4password ciscologin!endSW4500-2# sh cdp neiCapability Codes: R - Router, T - Trans Bridge, B - Source Route BridgeS - Switch, H - Host, I - IGMP, r - Repeater, P - PhoneDevice ID Local Intrfce Holdtme Capability Platform Port IDSW4500-1 Gig 2/1 167 R S I WS-C4506 Gig 2/1 bangonglou2 Gig 3/48 142 S I WS-C3750G Gig 1/0/24 bangonglou1 Gig 3/47 165 S I WS-C3750G Gig 1/0/24 SW4500-2#SW4500-2#SW4500-2#SW4500-2#SW4500-2#exit[Connection to sw2 closed by foreign host]SW4500-1#fwTrying fw (192.168.201.100)... OpenUser Access VerificationPassword:Type help or '?' for a list of available commands.YMMK-FIREWALL> enPassword: *****YMMK-FIREWALL# wr t: Saved:PIX Version 8.0(4)!hostname YMMK-FIREWALLdomain-name enable password ciscopasswd cisconames!interface Ethernet0nameif outsidesecurity-level 0ip address xx.xx.xx.xx 255.255.255.248!interface Ethernet1nameif insidesecurity-level 100ip address 192.168.201.100 255.255.255.128!ftp mode passivedns server-group DefaultDNSdomain-name access-list intoout extended permit icmp any anyaccess-list intoout extended deny tcp any any eq 135access-list intoout extended deny tcp any any eq netbios-ssnaccess-list intoout extended deny tcp any any eq 445access-list intoout extended deny tcp any any eq 1025access-list intoout extended deny tcp any any eq 4444access-list intoout extended deny tcp any any eq 5554access-list intoout extended deny tcp any any eq 9996access-list intoout extended deny tcp any any eq 69access-list intoout extended deny tcp any any eq 1433access-list intoout extended deny tcp any any eq 1434access-list intoout extended permit ip any anypager lines 24mtu inside 1500mtu outside 1500no failovericmp unreachable rate-limit 1 burst-size 1icmp permit any insideicmp permit any outsideasdm image flash:/asdm-613.binno asdm history enablearp timeout 14400global (outside) 1 interfacenat (inside) 1 192.168.0.0 255.255.0.0static (inside,outside) tcp interface 2741 192.168.201.101 1741 dnsaccess-group intoout in interface insideroute outside 0.0.0.0 0.0.0.0 xx.xx.xx.xx 1route inside 192.168.202.0 255.255.255.0 192.168.201.1 1route inside 192.168.203.0 255.255.255.0 192.168.201.1 1route inside 192.168.204.0 255.255.255.0 192.168.201.1 1route inside 192.168.205.0 255.255.255.0 192.168.201.1 1route inside 192.168.206.0 255.255.255.0 192.168.201.1 1route inside 192.168.207.0 255.255.255.0 192.168.201.1 1route inside 192.168.208.0 255.255.255.0 192.168.201.1 1route inside 192.168.209.0 255.255.255.0 192.168.201.1 1route inside 192.168.210.0 255.255.255.0 192.168.201.1 1timeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolutedynamic-access-policy-record DfltAccessPolicyaaa authentication ssh console LOCALsnmp-server host inside 192.168.201.101 community public-nmno snmp-server locationno snmp-server contactsnmp-server community public-nmsnmp-server enable traps snmp authentication linkup linkdown coldstartsnmp-server enable traps syslogcrypto ipsec security-association lifetime seconds 28800crypto ipsec security-association lifetime kilobytes 4608000telnet 0.0.0.0 0.0.0.0 insidetelnet timeout 5ssh 0.0.0.0 0.0.0.0 outsidessh timeout 20console timeout 0threat-detection basic-threatthreat-detection statistics access-listno threat-detection statistics tcp-interceptusername cisco password 3q8ZgbRKJMLMsGri encrypted!class-map inspection_defaultmatch default-inspection-traffic!!policy-map type inspect dns preset_dns_mapparametersmessage-length maximum 512policy-map global_policyclass inspection_defaultinspect dns preset_dns_mapinspect ftpinspect h323 h225inspect h323 rasinspect netbiosinspect rshinspect rtspinspect esmtpinspect sqlnetinspect sunrpcinspect tftpinspect sipinspect xdmcp!service-policy global_policy globalprompt hostname contextCryptochecksum:3cf0203d19fdb4ac1e58ce9fd4c4af44: end[OK]YMMK-FIREWALL# sh routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGPi - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area* - candidate default, U - per-user static route, o - ODRP - periodic downloaded static routeGateway of last resort is 58.18.222.49 to network 0.0.0.0S 192.168.209.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.208.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.210.0 255.255.255.0 [1/0] via 192.168.201.1, insideC 192.168.201.0 255.255.255.128 is directly connected, insideC xx.xx.xx.xx 255.255.255.248 is directly connected, outsideS 192.168.202.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.203.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.204.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.205.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.206.0 255.255.255.0 [1/0] via 192.168.201.1, insideS 192.168.207.0 255.255.255.0 [1/0] via 192.168.201.1, insideS* 0.0.0.0 0.0.0.0 [1/0] via xx.xx.xx.xx, outsideYMMK-FIREWALL# sh xlate172 in use, 389 most usedPAT Global xx.xx.xx.xx(59231) Local 192.168.208.100(15005)PAT Global xx.xx.xx.xx(61203) Local 192.168.202.101(1747)PAT Global xx.xx.xx.xx(6897) Local 192.168.208.104(1491)PAT Global xx.xx.xx.xx(23487) Local 192.168.208.103(2972)PAT Global xx.xx.xx.xx(25050) Local 192.168.208.105(1252)…………YMMK-FIREWALL#$YMMK-FIREWALL# exiLogoff[Connection to fw closed by foreign host] SW4500-1#SW4500-1#SW4500-1#SW4500-1#192.168.201.10Trying 192.168.201.10 ... OpenUser Access VerificationPassword:bangonglou1>enPassword:bangonglou1#wr tBuilding configuration...Current configuration : 3815 bytes!version 12.2no service padservice timestamps debug uptime service timestamps log uptimeno service password-encryption!hostname bangonglou1!enable cisco!no aaa new-modelswitch 1 provision ws-c3750g-24t system mtu routing 1500ip subnet-zero!!!!no file verify autospanning-tree mode pvstspanning-tree extend system-id!vlan internal allocation policy ascending !interface GigabitEthernet1/0/1 switchport access vlan 8spanning-tree portfast!interface GigabitEthernet1/0/2 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/3 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/4 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/5 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/6 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/7 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/8 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/9 switchport access vlan 2spanning-tree portfast!interface GigabitEthernet1/0/10 switchport access vlan 2spanning-tree portfast。
使用Cisco 2610和Cisco 2950配置虚拟局域网(VLAN)之间的路由方法(单臂路由)
使用Cisco 2610和Cisco 2950配置虚拟局域网(VLAN)之间的路由方法网络拓扑如下图:VLAN 192表示192.168.1.0/24网段的电脑,VLAN 172表示172.16.20.0/24网段电脑。
VLAN之间的路由可以有多种方法;A.使用多以太端口路由器,每个VLAN占用一个端口。
B.使用三层交换机。
C.使用单以太端口路由器。
方法C即所谓的单臂路由,它表达得很形象,不象一般的路由,一边进,另一边出,而是哪里进就哪里出。
在C方法下,分述配置步骤:1.在Cisco 2950交换机上配置端口1至8为VLAN 编号172的成员;端口9至16为VLAN编号192的成员;端口24为干道(Trunk),用网线与路由器以太口相连。
Switch#conf tSwitch(config)# int range fastEthernet 0/1 – 8Switch(config-if-range)#switchport mode accessSwitch(config-if-range)#switchport access vlan 172Switch(config-if-range)#exitSwitch(config)# int range fastEthernet 0/9 – 16Switch(config-if-range)#switchport mode accessSwitch(config-if-range)#switchport access vlan 192Switch(config-if-range)#exitSwitch(config)# int fastEthernet 0/24Switch(config-if)#switchport mode trunkSwitch(config-if)#exitSwitch(config)#exitSwitch#sh run查看一下V ALN端口和Trunk端口:Switch#sh vlan查看一下V ALN:2.在Cisco 2610路由器上配置以太端口的子接口,这时需要用CONSOLE线,因为以太端口没有IP地址,无法telnet上去。
思科Vlan配置实例
思科V l a n配置实例思科Vlan配置实例实验配置:SW-2L1、创建VLAN,并将相应端口加入VLANSW-2L#vlan databaseSW-2L(vlan)#vlan 10SW-2L(vlan)#vlan 20SW-2L(vlan)#vlan 30SW-2L(config)#interface f0/1SW-2L(config-if)#switch access vlan 10SW-2L(config)#interface f0/2SW-2L(config-if)#switch access vlan 20SW-2L(config)#interface f0/3SW-2L(config-if)#switch access vlan 302、创建TRUNKSW-2L(config)#interface f0/24SW-2L(config-if)switch mode trunkSW-3L1、创建VLANSW-3L#vlan databaseSW-3L(vlan)#vlan 10SW-3L(vlan)#vlan 20SW-3L(vlan)#vlan30用show vlan-switch查看2、创建TRUNKSW-3L(config)#interface f0/24SW-3L(config-if)#switch mode trunk3、开启三层交换路由功能SW-3L(conifg)#ip routing4、配置VLAN的IPSW-3L(config)#interface vlan 10SW-3L(config-if)#ip address 192.168.10.254 255.255.255.0 SW-3L(config-if)#no shutdownSW-3L(config)#interface vlan 20SW-3L(config-if)#ip address 192.168.20.254 255.255.255.0 SW-3L(config-if)#no shutdownSW-3L(conifg)#interface vlan30SW-3L(config-if)#ip address 192.168.30.254 255.255.255.0 SW-3L(config-if)#no shutdown5、配置三层交换路由接口SW-3L(config)#interface f0/23SW-3L(config-if)#no switchportSW-3L(config-if)#ip address 10.1.1.1 255.255.255.0SW-3L(config-if)#no shutdown6、配置RIP路由SW-3L(config)#router ripSW-3L(config-router)#no auto-summarySW-3L(config-router)#network 192.168.10.0SW-3L(config-router)#network 192.168.20.0SW-3L(config-router)#network 192.168.30.0SW-3L(conifg-router)#network 10.1.1.0RA1、配置端口IPRA(config)#interface f0/0RA(config-if)#ip address 10.1.1.2 255.255.255.0RA(config-if)#no shutdownRA(config)#interface f0/1RA(config-if)#ip address 172.16.1.1 255.255.255.0RA(config-if)#no shutdown用show run interfere vlan vlan-id查看,或者show interfere vlan vlan-id查看2、配置RIP路由RA(config)#router ripRA(config-router)#no auto-summaryRA(config-router)#network 10.1.1.0RA(config-router)#network 172.16.1.0RB1、配置端口IPRB(config)#interface f0/0RB(config-if)#ip address 172.16.1.2 255.255.255.0RB(config-if)#no shutdown2、配置RIP路由RB(config)#router ripRB(config-router)#no auto-summaryRB(config-router)#network 172.16.1.0端口里面配VLAN,VLAN里面配IP。
思科交换机学习第八课:路由器单臂路由配置实现vlan互通
Switch>enable 2960Switch#configure terminalSwitch(config)#vlan 2Switch(config-vlan)#exit 第一步创建vlan Switch(config)#vlan 3Switch(config-vlan)#exitSwitch(config)#interface fastEthernet 0/2Switch(config-if)#switchport access vlan 2Switch(config-if)#exitSwitch(config)#interface fastEthernet 0/3 端口划分vlanSwitch(config-if)#switchport access vlan 3Switch(config-if)#exitSwitch(config)#interface fastEthernet 0/1Switch(config-if)#switchport mode trunk 交换机跟路由器连接的端口改为trunk Switch(config-if)#exitRouter>enable 开启路由器端口Router#configure terminalRouter(config)#interface fastEthernet 0/0Router(config-if)#no shutdownRouter(config-if)#exitRouter(config)#interface fastEthernet 0/0.1 进入子端口Router(config-subif)#%LINK-5-CHANGED: Interface FastEthernet0/0.1, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.1, changed state to upRouter(config-subif)#encapsulation dot1Q 2Router(config-subif)#ip address 192.168.1.1 255.255.255.0Router(config-subif)#exitRouter(config)#interface fastEthernet 0/0.2 进入子端口Router(config-subif)#%LINK-5-CHANGED: Interface FastEthernet0/0.2, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.2, changed state to upRouter(config-subif)#encapsulation dot1Q 3Router(config-subif)#ip address 192.168.2.1 255.255.255.0Router(config-subif)#endRouter#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGPi - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area* - candidate default, U - per-user static route, o - ODRP - periodic downloaded static routeGateway of last resort is not setC 192.168.1.0/24 is directly connected, FastEthernet0/0.1C 192.168.2.0/24 is directly connected, FastEthernet0/0.2dot1q就是802.1q,是vlan的一种封装方式。
思科交换机路由器命令大全
思科交换机路由器命令大全思科交换机和路由器命令大全本文档为思科交换机和路由器命令的最新最全范本,供参考使用。
以下是详细的命令列表,包括每个命令的说明和用法。
一、接口配置命令1、ip address:设置接口的IP地质示例:ip address 192.168.1.1 255.255.255:02、no shutdown:启用接口示例:no shutdown3、duplex:设置接口的双工模式示例:duplex auto4、speed:设置接口的速度示例:speed 1005、exit:退出接口配置模式示例:exit二、VLAN命令1、vlan database:进入VLAN数据库模式示例:vlan database2、vlan id name:创建VLAN并设置名称示例:vlan 10 name VLAN-103、vlan id:删除VLAN示例:no vlan 104、show vlan:显示VLAN信息示例:show vlan5、exit:退出VLAN数据库模式示例:exit三、路由命令1、ip route:设置静态路由示例:ip route 192.168.2:0 255.255.255:0 192.168.1.22、router rip:启用RIP路由协议示例:router rip3、network:将网络添加到RIP路由表中示例:network 10:0:0:04、redistribute:将静态路由或其他路由协议添加到RIP路由表中示例:redistribute static5、exit:退出路由配置模式示例:exit四、ACL命令1、access-list:创建标准或扩展ACL示例:access-list 10 permit 192.168.1:0 0:0:0.2552、ip access-group:应用ACL到接口示例:ip access-group 10 in3、show access-lists:显示ACL信息示例:show access-lists4、exit:退出ACL配置模式示例:exit五、SNMP命令1、snmp-server community:设置SNMP团体字符串示例:snmp-server community public RO2、snmp-server enable traps:启用SNMP陷阱示例:snmp-server enable traps3、snmp-server host:配置SNMP陷阱接收主机示例:snmp-server host 192.168.1.1004、exit:退出SNMP配置模式示例:exit六、SSH命令1、ip ssh version:设置SSH协议版本示例:ip ssh version 22、crypto key generate rsa:RSA密钥对示例:crypto key generate rsa3、username:创建新的本地用户示例:username admin privilege 15 password password1234、exit:退出SSH配置模式示例:exit七、其他命令1、show running-config:显示当前配置示例:show running-config2、copy running-config startup-config:将当前配置保存到启动配置中示例:copy running-config startup-config3、reload:重新启动设备示例:reload4、exit:退出CLI命令行模式示例:exit本文档涉及附件:1、无附件本文所涉及的法律名词及注释:1、ACL(Access Control List):访问控制列表,用于控制网络流量的进出。
思科路由器VLAN的配置
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
PC1#ping 192.168.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2 seconds:
Switch(vlan)#exit
APPLY completed.
Exiting....
步骤五:查看VLAN是否创建成功
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- ------------------------------
---- -------------------------------- --------- -----------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14
.....
Success rate is 0 percent (0/5), round-trip min/avg/max = 1/2/4 ms
.....
Success rate is 0 percent (0/5), round-trip min/avg/max = 1/2/4 ms
PC1#ping 192.168.1.4
Type escape sequence to abort.
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Packet Tracer 5.0建构CCNA实验攻略(2)——配置VLAN
Vlan(Virtual Local Area Network)即虚拟局域网。
VLAN可以把同一个物理网络划分为多个逻辑网段,因此,Vlan可以抑制网络风暴,增强网络的安全性。
一、实例拓扑图
图一交换机Cisco 2960
二、创建VLAN
在Cisco IOS中有两种方式创建vlan,在全局配置模式下使用vlan vlanid命令,如
switch(config)#vlan 10;在vlan database下创建vlan,如switch(vlan)vlan 20
图二创建vlan
三、把端口划分给vlan(基于端口的vlan)
switch(config)#interface fastethernet0/1 进入端口配置模式
switch(config-if)#switchport mode access 配置端口为access模式switch(config-if)#switchport access vlan 10 把端口划分到vlan 10
图三
如果一次把多个端口划分给某个vlan可以使用interface range命令。
图四
四、查看vlan信息
switch#show vlan
图五
图六show vlan brief 查看vlan简明信息图七查看id为10的vlan
图八通过vlan的名字查看vlan
五、删除配置
图九把第0个模块中的第8个端口从vlan 40中删除
图十删除vlan 40
我们还可以为每个vlan配置ip地址。