1、目 录 配置 OSPF 2 配置 RIP . 2 引入静态路由 . 2 发布静态路由 . 2 设置 chap认证 . 2 给交换机 vlan添加端口 . 3 设置 trunk口 3 配置 stp . 3 NAT 设置 3 Acl 4 PPP+PAP. 4 NAT server . 6 telnet . 6 链路聚合 . 7 配置 RTA为 DHCP服务器 8 配置 OSPF RTAospf RTA-ospf-1area 0 RTA-ospf-1-area-0.0.0.0network 10.1.1.4 0.0.0.1(反掩码 ) RTA-ospf-1-area-0.0.0.0quit 配置 R
2、IP Rip Version 2 Network 网络号 引入静态路由 RTC-ospf-1import static 发布 默认 路由 RTA-ospf-1default-route-advertise RTA-rip-1default-route only/ 设置 chap认证 RTAlocal-user rtb class network New local user added. RTA-luser-network-rtbpassword simple pwdpwd RTA-luser-network-rtbservice-type ppp RTA-luser-network-rtbq
3、uit RTAinterface s1/0 RTA-Serial1/0ppp authentication-mode chap RTBinterface s1/0 RTB-Serial1/0ppp chap user rtb RTB-Serial1/0ppp chap password simple pwdpwd 给交换机 vlan添加端口 SWAvlan 10 SWA-vlan10port g1/0/1 to g1/0/10 设置 trunk口 SWAinterface g1/0/11 SWA-GigabitEthernet1/0/11port link-type trunk SWA-Gig
4、abitEthernet1/0/11port trunk permit vlan all 配置 stp SWBstp global enable SWBstp priority 4096(设置优先级) J进入端口 stp edged-port配置边缘端口 NAT 设置 RTCacl basic 2000 RTC-acl-ipv4-basic-2000rule 0 permit source 192.168.0.0 0.0.0.255 RTC-acl-ipv4-basic-2000quit RTCnat address-group 1 RTC-address-group-1address 101
5、.1.1.1 101.1.1.8 RTC-address-group-1quit RTCinter s2/0 RTC-Serial2/0nat outbound 2000 address-group 1 RTC-Serial2/0quit 此时 RTD的返回包 RTD ip route-static 101.1.1.0 28 100.1.0.1 Acl RTDacl ad RTDacl advanced 3000 RTD-acl-ipv4-adv-3000rule deny icmp source 192.168.1.2 0 destination 100.1.1.2 0 RTD-acl-ip
6、v4-adv-3000quit RTDint g0/0 RTD-GigabitEthernet0/0packet-filter 3000 inbound PPP+PAP ( 1) 封装 ppp协议 RTCinterface s1/0 RTC-Serial1/0link-protocol ppp RTC-Serial1/0baudrate 2048000 RTC-Serial1/0quit 同样的方法给 RTA封装 ppp协议,但不需要设置波特率 ( 2)在 RTc上配置本地用户名和密码 RTClocal-user rt class network RTC-luser-network-rtser
7、vice-type ppp RTC-luser-network-rtpassword simple pwdpwd RTC-luser-network-rtquit 在 RTA上配置本地验证对端 RTA方式为 PAP RTCinterface s1/0 RTC-Serial1/0link-protocol ppp RTC-Serial1/0ppp authentication-mode pap 配置 chap认证 RTCinterface s3/0 RTC-Serial1/0ppp authentication-mode chap ( 3)在 RTA上配置 PAP验证时发送的用户名和密码 RTA
8、interface s1/0 RTA-Serial1/0link-protocol ppp RTA-Serial1/0ppp pap local RTA-Serial1/0ppp pap local-user rt password simple pwdpwd Chap的被验证方 RTCinterface s3/0 RTC-Serial3/0link-protocol ppp RTC-Serial3/0ppp chap user rt RTC-Serial3/0ppp chap password simple pwdpwd NAT server RTCinterface s2/0 RTC-Se
9、rial2/0nat server protocol tcp global 101.1.1.19 80 inside 192.168.1.254 80 telnet telnet只用密码进行验证 RTAtelnet server enable RTAline vty 0 63 RTA-line-vty0-63authentication-mode password RTA-line-vty0-63set authentication password simple 3011设置登录密码 RTA-line-vty0-63user-role level-15 设 置 登 录 级 别( networ
10、k-admin) 通过用户名和密码登录 RTAtelnet server enable RTAline vty 0 63 RTA-line-vty0-63authentication-mode scheme RTAlocal-user test RTA-luser-manage-test password simple test RTA-luser-manage-testservice-type telnet RTA-luser-manage-testauthorization-attribute user-role test 链路聚合 SWAinterface Bridge-Aggregat
11、ion 1 SWA-Bridge-Aggregation1quit SWAinterface g 1/0/23 SWA-GigabitEthernet1/0/23port link-aggregation group 1 SWA-GigabitEthernet1/0/23quit SWAinterface g 1/0/24 SWA-GigabitEthernet1/0/24port link-aggregation group 1 Display link-aggregation summary 配置 RTA为 DHCP服务器 RTAdhcp enable RTAdhcp server forbidden-ip 192.168.0.1 RTAdhcp server ip-pool pool1 RTA-dhcp-pool-pool1network 192.168.0.0 24 RTA-dhcp-pool-pool1gateway-list 192.168.0.1 RTA-dhcp-pool-pool1quit
