华三S7506E核心交换机配置释例

******************************************************************************
* Copyright (c) 2004-2009 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent,                                 *
* no decompiling or reverse-engineering shall be allowed.                    *
******************************************************************************

<S7506E>dis cur
#
version 5.20, Release 6605P03
#
sysname S7506E
#
super password level 3 cipher ,E_DF/Z7TX/Q=^Q`MAF4<1!!
#
domain default enable system
#
telnet server enable
#
switch-mode standard
#
acl number 3100 name wb
rule 0 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.6.0 0.0.0.255
rule 5 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.7.0 0.0.0.255
rule 10 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.8.0 0.0.0.255
rule 15 permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
acl number 3110 name sxf
rule 0 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.6.0 0.0.0.255
rule 5 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.8.0 0.0.0.255
rule 18 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.18.0 0.0.0.255
rule 28 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.28.0 0.0.0.255
rule 38 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.38.0 0.0.0.255
rule 48 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.48.0 0.0.0.255
rule 58 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.58.0 0.0.0.255
rule 68 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.68.0 0.0.0.255
rule 78 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.78.0 0.0.0.255
rule 88 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.88.0 0.0.0.255
rule 98 permit ip source 192.168.4.0 0.0.0.255 destination 192.168.98.0 0.0.0.255
acl number 3120 name server
rule 0 permit ip source 192.168.6.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 5 permit ip source 192.168.6.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
acl number 3140 name lan
rule 0 permit ip source 192.168.8.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 5 permit ip source 192.168.8.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 10 permit ip source 192.168.18.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 15 permit ip source 192.168.18.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 20 permit ip source 192.168.28.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 25 permit ip source 192.168.28.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 30 permit ip source 192.168.38.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 35 permit ip source 192.168.38.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 40 permit ip source 192.168.48.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 45 permit ip source 192.168.48.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
rule 50 permit ip source 192.168.58.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 55 permit ip source 192.168.58.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
acl number 3150 name sales
rule 60 permit ip source 192.168.68.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
rule 65 permit ip source 192.168.68.0 0.0.0.255 destination 192.168.4.0 0.0.0.255
#
vlan 1
#
vlan 2
description WB
#
vlan 4
description sxf
#
vlan 5
description ex_in_server
#
vlan 6
description server
#
vlan 7
description JK

#
vlan 8
description lan
#
vlan 9
description outer
#
vlan 10
description print_server
#
vlan 18
description lan_1fac_18
#
vlan 19
description outer_1fac_19
#
vlan 28
description lan_2fac_28
#
vlan 29
description outer_2fac_29
#
vlan 38
description lan_3fac_38
#
vlan 39
description outer_3fac_39
#
vlan 48
description yikatong
#
vlan 58
description lan_LED_58
#
vlan 59
description outer_LED_59
#
vlan 68
description lan68
#
vlan 69

description outer_lan69
#
vlan 78
description lan78
#
vlan 88
description lan88
#
vlan 98
description lan98
#
vlan 100
description wan
#
vlan 254
description Net-Device
#
radius scheme system
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier classifier_wb operator and
if-match acl 3100
traffic classifier classifier_lan operator and
if-match acl 3140
traffic classifier classifier_server operator and
if-match acl 3120
traffic classifier classifier_sxf operator and
if-match acl 3110
#
traffic behavior behavior_wb
filter deny
traffic behavior behavior_server
filter deny
traffic behavior behavior_lan

filter deny
traffic behavior behavior_sxf
filter deny
#
qos policy policy_lan
classifier classifier_lan behavior behavior_lan
qos policy policy_server
classifier classifier_server behavior behavior_server
qos policy policy_sxf
classifier classifier_sxf behavior behavior_sxf
qos policy policy_wb
classifier classifier_wb behavior behavior_wb
#
user-group system
#
local-user admin
password simple guxin@22881
authorization-attribute level 3
service-type ssh telnet terminal
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.99.254 255.255.255.0
#
interface Vlan-interface2
ip address 192.168.2.254 255.255.255.0
#
interface Vlan-interface4
ip address 192.168.4.254 255.255.255.0
#
interface Vlan-interface5
ip address 192.168.5.254 255.255.255.0
#
interface Vlan-interface6
ip address 192.168.6.254 255.255.255.0
#
interface Vlan-interface7
ip address 192.168.7.254 255.255.255.0

#
interface Vlan-interface8
ip address 192.168.8.254 255.255.255.0
#
interface Vlan-interface9
ip address 192.168.9.254 255.255.255.0
#
interface Vlan-interface10
ip address 192.168.10.254 255.255.255.0
#
interface Vlan-interface18
ip address 192.168.18.254 255.255.255.0
#
interface Vlan-interface19
ip address 192.168.19.254 255.255.255.0
#
interface Vlan-interface28
ip address 192.168.28.254 255.255.255.0
#
interface Vlan-interface29
ip address 192.168.29.254 255.255.255.0
#
interface Vlan-interface38
ip address 192.168.38.254 255.255.255.0
#
interface Vlan-interface39
ip address 192.168.39.254 255.255.255.0
#
interface Vlan-interface48
ip address 192.168.48.254 255.255.255.0
#
interface Vlan-interface58
ip address 192.168.58.254 255.255.255.0
#
interface Vlan-interface59
ip address 192.168.59.254 255.255.255.0
#
interface Vlan-interface68

ip address 192.168.68.254 255.255.255.0

#
interface Vlan-interface69
ip address 192.168.69.254 255.255.255.0
#
interface Vlan-interface78
ip address 192.168.78.254 255.255.255.0
#
interface Vlan-interface88
ip address 192.168.88.254 255.255.255.0
#
interface Vlan-interface98
ip address 192.168.98.254 255.255.255.0
#
interface Vlan-interface100
ip address 192.168.1.254 255.255.255.0
#
interface Vlan-interface254
ip address 192.168.254.254 255.255.255.0
#
interface GigabitEthernet2/0/1
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/2
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/3
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/4
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/5
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/6
description access vlan8
port access vlan 8

#
interface GigabitEthernet2/0/7
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/8
description access vlan8
port access vlan 5
#
interface GigabitEthernet2/0/9
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/10
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/11
description access vlan8
port access vlan 5
#
interface GigabitEthernet2/0/12
description access vlan9
port access vlan 9
#
interface GigabitEthernet2/0/13
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/14
description access vlan8
port access vlan 8
#
interface GigabitEthernet2/0/15
description access vlan5
port access vlan 5
#
interface GigabitEthernet2/0/16
description access vlan5
port access vlan 5
#
interface GigabitEthernet2/0/17
description access vlan5

#
interface GigabitEthernet2/0/18
description access vlan5
port access vlan 5
#
interface GigabitEthernet2/0/19
description access vlan100
port access vlan 100
#
interface GigabitEthernet2/0/20
description access vlan100
port access vlan 100
#
interface GigabitEthernet2/0/21
description 4
port access vlan 4
#
interface GigabitEthernet2/0/22
description 4
port access vlan 4
#
interface GigabitEthernet2/0/23
description to M5400-AC
port access vlan 4
#
interface GigabitEthernet2/0/24
description to S5500_BGL
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet3/0/1
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet3/0/2
port access vlan 8
#
interface GigabitEthernet3/0/3
port access vlan 8
#
interface GigabitEthernet3/0/4
port access vlan 8
#
interface GigabitEthernet3/0/5
port access vlan 8
#
interface GigabitEthernet3/0/6
port access vlan 8
#
interface GigabitEthernet3/0/7
#
interface GigabitEthernet3/0/8
#
interface GigabitEthernet3/0/9
#
interface GigabitEthernet3/0/10
#
interface GigabitEthernet3/0/11
#
interface GigabitEthernet3/0/12
#
interface GigabitEthernet3/0/13
#
interface GigabitEthernet3/0/14
#
interface GigabitEthernet3/0/15
#
interface GigabitEthernet3/0/16
#
interface GigabitEthernet3/0/17
port access vlan 5
#
interface GigabitEthernet3/0/18
port access vlan 48
#
interface GigabitEthernet3/0/19
description to HW_S5720
port link-type trunk
port trunk permit vlan all
speed 1000
duplex full
#
interface GigabitEthernet3/0/20
port access vlan 7
#
interface GigabitEthernet3/0/21
port access vlan 7
#
interface GigabitEthernet3/0/22
port access vlan 7
#
interface GigabitEthernet3/0/23
port access vlan 7
#
interface GigabitEthernet3/0/24
port access vlan 7
#
interface GigabitEthernet8/0/1
description to S5500_CJ1
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/2
description to S5500_CJ2
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/3
description to s1720-1fc01
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/4
description to HW-S1720-LED01
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/5
description to HW-S1720-2FC01
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/6
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/7
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet8/0/8
#
interface GigabitEthernet8/0/9
#
interface GigabitEthernet8/0/10
#
interface GigabitEthernet8/0/11
#
interface GigabitEthernet8/0/12
#
interface M-Ethernet0/0/0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.4.1
#
snmp-agent
snmp-agent local-engineid 800063A2033CE5A68058CB
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info version all
#
ssh server enable
ssh user admin service-type stelnet authentication-type password
#
qos vlan-policy policy_wb vlan 2 inbound
qos vlan-policy policy_server vlan 6 inbound
qos vlan-policy policy_lan vlan 8 inbound
qos vlan-policy policy_lan vlan 18 inbound
qos vlan-policy policy_lan vlan 28 inbound
qos vlan-policy policy_lan vlan 38 inbound
qos vlan-policy policy_lan vlan 48 inbound
qos vlan-policy policy_lan vlan 58 inbound
qos vlan-policy policy_sxf vlan 4 inbound
qos vlan-policy policy_lan vlan 68 inbound
#
load xml-configuration

#
user-interface aux 0
authentication-mode password
set authentication password cipher ,E_DF/Z7TX/Q=^Q`MAF4<1!!
history-command max-size 20
idle-timeout 6 0
screen-length 30
user-interface vty 0
authentication-mode scheme
user privilege level 3
set authentication password cipher ,E_DF/Z7TX/Q=^Q`MAF4<1!!
history-command max-size 20
idle-timeout 6 0
screen-length 30
protocol inbound ssh
user-interface vty 1 4
authentication-mode scheme
protocol inbound ssh
#
return

华三S7506E核心交换机配置释例

猜你喜欢