CISCO 网络设备使用及配置文档
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
CISCO 网络设备使用及配置文档
一、网络结构:光纤传输-------光猫----------路由器2800的F0/1(外网地址:58.221.220.166)
-------路由器的F0/0口(内网网关IP:192.168.1.1)-----------防火墙ASA5510的0(透明模式为外接口)-------防火墙的1(透明模式为内接口)-------------核心交换3560G的(G1 和G2 都可以上接)------核心交换机的其它接口分别对应各层接入交换机。
二、设备配置说明:
路由器:F0/1 IP 是58.221.220.166 掩码:255.255.255.252 网关:58.221.220.165 F0/0 IP是192.168.1.1 掩码:255.255.255.0
远程TELNET 的用户名:admin 密码:admin@123 特权密码:cisco
防火墙:F0/0 是外部接口F0/1是内部接口系统管理IP 192.168.1.2 网关192.168.1.1 掩码:255.255.255.0 远程TELNET 密码:cisco特权密码:cisco
核心交换:G1-G2 VLAN 1 IP 地址:192.168.1.3 掩码:255.255.255.0
G3-G4 VLAN10 IP 地址:192.168.10.254 掩码:255.255.255.0
G5-G6 VLAN20 IP 地址:192.168.20.254 掩码:255.255.255.0
G7-G8 VLAN30 IP地址:192.168.30.254 掩码:255.255.255.0
G9-G10 VLAN40 IP地址:192.168.40.254 掩码:255.255.255.0
G11-G12 VLAN50 IP地址:192.168.50.254 掩码:255.255.255.0
G13-G14 VLAN60 IP地址:192.168.60.254 掩码:255.255.255.0
G21-G22 VLAN70 IP地址:192.168.70.254 掩码:255.255.255.0
G23-G24 VLAN80 IP地址:192.168.80.254 掩码:255.255.255.0
DHCP:各个VLAN 分发IP地址及其它信息。
远程管理密码:cisco 特权密码:cisco
三、设备配置文档:
路由器:
router#sh run
Building configuration...
Current configuration : 4111 bytes
!
! Last configuration change at 05:16:34 UTC Tue Nov 9 2010
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable password cisco
!
aaa new-model
!
aaa user profile admin
!
!
!
!
!
!
aaa session-id common
!
ip source-route
!
!
ip cef
!
!
ip domain name
multilink bundle-name authenticated
!
!
!
license udi pid CISCO2811 sn FHK1426F4LU
username admin password 0 admin@123
!
!
!
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
rate-limit output access-group 100 1024000 64000 64000 conform-action transmit exceed-action drop
rate-limit output access-group 101 1024000 64000 64000 conform-action transmit
exceed-action drop
duplex auto
speed auto
!
interface FastEthernet0/1
description to-ISP-NET
ip address 58.221.220.166 255.255.255.252
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
ip forward-protocol nd
!
!
ip http server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet0/1 overload ip route 0.0.0.0 0.0.0.0 58.221.220.165
ip route 192.168.10.0 255.255.255.0 192.168.1.3
ip route 192.168.20.0 255.255.255.0 192.168.1.3
ip route 192.168.30.0 255.255.255.0 192.168.1.3
ip route 192.168.40.0 255.255.255.0 192.168.1.3
ip route 192.168.50.0 255.255.255.0 192.168.1.3
ip route 192.168.60.0 255.255.255.0 192.168.1.3
ip route 192.168.70.0 255.255.255.0 192.168.1.3
ip route 192.168.80.0 255.255.255.0 192.168.1.3
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 192.168.20.0 0.0.0.255
access-list 1 permit 192.168.30.0 0.0.0.255
access-list 1 permit 192.168.40.0 0.0.0.255
access-list 1 permit 192.168.50.0 0.0.0.255
access-list 1 permit 192.168.60.0 0.0.0.255
access-list 1 permit 192.168.70.0 0.0.0.255
access-list 1 permit 192.168.80.0 0.0.0.255
access-list 100 permit ip any 192.168.80.0 0.0.0.255 access-list 101 permit ip any 192.168.80.0 0.0.0.255
!
!
control-plane
!
banner exec ^C