当前位置:Gxlcms > mysql > Catalyst4006交换机的配置实例

Catalyst4006交换机的配置实例

时间:2021-07-01 10:21:17 帮助过:53人阅读

一、CAT4006引擎模块WS-X4013的 配置 清单 (其中包括:基本设置、VLAN的 配置 、通道 配置 、以及端口镜像口的1/2设置连接千兆IDS) Cisco Systems, Inc. Console Enter password: CAT4006> enable Enter password: CAT40 06> (enable) ....... ...........

一、CAT4006引擎模块WS-X4013的配置清单

(其中包括:基本设置、VLAN的配置、通道配置、以及端口镜像口的1/2设置连接千兆IDS)

Cisco Systems, Inc. Console

Enter password:

CAT4006> enable

Enter password:

CAT40

06> (enable)

.......

..................

..................

....................

....................

..

begin

!

# ***** NON-DEFAULT CONFIGURATION *****

!

!

#time: Mon Apr 11 2005, 22:02:13

!

#version 6.1(1)

!

!

#system web interface version(s)

set password *********************

set enablepass *********************

!

#test

!

#system

set system name CAT4006

!

#frame distribution method

set port channel all distribution mac both

!

#vtp

set vtp domain hngazk

set vlan 1 name default type ethernet mtu 1500 said 100001 state active

set vlan 16 name Old_Bangong type ethernet mtu 1500 said 100016 state active

set vlan 17 name Server_Manage type ethernet mtu 1500 said 100017 state active

set vlan 18 name New_Bangong type ethernet mtu 1500 said 100018 state active

set vlan 19 name Library type ethernet mtu 1500 said 100019 state active

set vlan 20 name New_Shiyanzhongxin type ethernet mtu 1500 said 100020 state active

set vlan 22 name Old_Shiyanzhongxin type ethernet mtu 1500 said 100022 state active

set vlan 23 name CaiZhuan_Jiashuyuan type ethernet mtu 1500 said 100023 state active

set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active

set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee

set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm

set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 0 stemaxhop 0 backupcrf off

!

#ip

set interface sc0 17 21x.xxx.17.253/255.255.255.0 21x.xxx.xxx.255

set interface sl0 down

set interface me1 down

set ip route 0.0.0.0/0.0.0.0 21x.xxx.xxx.254

!

#dns

set ip dns server 21x.xxx.xxx.2 primary

set ip dns enable

!

#syslog

set logging level cops 2 default

!

#set boot command

set boot config-register 0x2

set boot system flash bootflash:cat4000.6-1-1.bin

!

#mls

set mls nde disable

!

#port channel

set port channel 3/1-4 636

!

#module 1 : 2-port 1000BaseX Supervisor

set udld enable 1/1

set trunk 1/1 nonegotiate dot1q 1-1005

set trunk 1/2 nonegotiate dot1q 1-1005

!

#module 2 : 6-port 1000BaseX Ethernet

set vlan 20 2/3

set port name 2/1 Old_Shiyanzhongxin

set port name 2/2 Library

set port name 2/3 New_Shiyanzhongxin

set port name 2/4 New_Bangong

set port name 2/5 CaiZhuan_Jiashuyuan

set port name 2/6 Old_Shiyanzhongxin

set udld enable 2/6

set udld disable 2/3

set trunk 2/1 nonegotiate dot1q 1-1005

set trunk 2/2 nonegotiate dot1q 1-1005

set trunk 2/3 nonegotiate dot1q 1-1005

set trunk 2/4 nonegotiate dot1q 1-1005

set trunk 2/5 nonegotiate dot1q 1-1005

set trunk 2/6 nonegotiate dot1q 1-1005

!

#module 3 : 34-port Router Switch Card

set vlan 16 3/3-9,3/11-19,3/26-34

set vlan 17 3/10,3/20

set vlan 18 3/21

set vlan 19 3/22

set vlan 20 3/23

set vlan 22 3/24

set vlan 23 3/25

set port name 3/1 Firewall_Talent

set trunk 3/1 nonegotiate dot1q 1-1005

set trunk 3/2 nonegotiate dot1q 1-1005

set port channel 3/1-2 mode on

!

#module 4 : 34-port 10/100/1000 Ethernet

set vlan 16 4/5-9,4/11,4/15-34

set vlan 17 4/3-4,4/10,4/12-14

set trunk 4/1 nonegotiate dot1q 1-1005

set trunk 4/2 nonegotiate dot1q 1-1005

!

#module 5 empty

!

#module 6 empty

!

#switch port analyzer

set span 2/1-6,3/1-34,4/1-34 1/2 both inpkts disable learning enable create

end

CAT4006> (enable)

二、WS-X4232-L3三层路由模块的配置清单

(其中包括:VLAN路由、访问控制列表、三层模块与交换机背板通道的配置等等)

WS-X4232-L3#

Using 4055 out of 126968 bytes

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname WS-X4232-L3

!

enable secret 5 *****************

enable password **********

!

ip subnet-zero

!

!

!

interface Port-channel1

no ip address

no ip directed-broadcast

hold-queue 300 in

!

interface Port-channel1.1

encapsulation dot1Q 1 native

ip address 10.10.1.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.16

encapsulation dot1Q 16

ip address 21x.xxx.16.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.17

encapsulation dot1Q 17

ip address 21x.xxx.17.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.18

encapsulation dot1Q 18

ip address 21x.xxx.18.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.19

encapsulation dot1Q 19

ip address 21x.xxx.19.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.20

encapsulation dot1Q 20

ip address 21x.xxx.21.254 255.255.254.0 secondary

ip address 21x.xxx.20.254 255.255.254.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.22

encapsulation dot1Q 22

ip address 21x.xxx.22.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.23

encapsulation dot1Q 23

ip address 21x.xxx.23.254 255.255.255.0

ip access-group 110 in

ip access-group 110 out

no ip redirects

no ip directed-broadcast

!

interface FastEthernet1

no ip address

no ip directed-broadcast

shutdown

!

interface GigabitEthernet1

ip address 21x.xxx.xxx.xxx 255.255.255.240

ip access-group 110 in

ip access-group 110 out

no ip directed-broadcast

!

interface GigabitEthernet2

no ip address

no ip directed-broadcast

!

interface GigabitEthernet3

no ip address

no ip directed-broadcast

no negotiation auto

channel-group 1

!

interface GigabitEthernet4

no ip address

no ip directed-broadcast

no negotiation auto

channel-group 1

!

ip classless

ip route 0.0.0.0 0.0.0.0 2xx.xxx.xxx.xxx

!

access-list 110 deny tcp any any eq echo

access-list 110 deny tcp any any eq chargen

access-list 110 deny tcp any any eq 135

access-list 110 deny tcp any any eq 136

access-list 110 deny tcp any any eq 137

access-list 110 deny tcp any any eq 138

access-list 110 deny tcp any any eq 139

access-list 110 deny tcp any any eq 389

access-list 110 deny tcp any any eq 445

access-list 110 deny tcp any any eq 4444

access-list 110 deny udp any any eq tftp

access-list 110 deny udp any any eq 135

access-list 110 deny udp any any eq 136

access-list 110 deny udp any any eq netbios-ns

access-list 110 deny udp any any eq netbios-dgm

access-list 110 deny udp any any eq netbios-ss

access-list 110 deny udp any any eq 389

access-list 110 deny udp any any eq 445

access-list 110 deny udp any any eq 1434

access-list 110 deny udp any any eq 1433

access-list 110 deny udp any any eq 1025

access-list 110 deny udp any any eq 455

access-list 110 deny udp any any eq 5554

access-list 110 deny udp any any eq 9996

access-list 110 deny udp any any eq 6129

access-list 110 deny udp any any eq 3127

access-list 110 deny udp any any eq 2745

access-list 110 deny tcp any any eq 6669

access-list 110 deny tcp any any eq 1023

access-list 110 deny tcp any any eq 1024

access-list 110 deny tcp any any eq 3332

access-list 110 deny tcp any any eq 69

access-list 110 deny udp any any eq 593

access-list 110 deny tcp any any eq 593

access-list 110 permit ip any any

arp 127.0.0.2 0005.5e73.9300 ARPA

!

line con 0

transport input none

line aux 0

line vty 0 4

password **********

login

!

end

WS-X4332-L3#

人气教程排行