Technical planning and configuration of WAN access area of a municipal bank data center - configuration script (4)

This article is sourced from: https://qiuhualin.blog.csdn.net/article/details/123070089?spm=1001.2014.3001.5502

Technical planning and configuration of WAN access area of a municipal bank data center - configuration script (4)

- AR13
- AR14
- AR15
- AR16

AR13

sysname AR13
#
 board add 0/4 2SA 
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
acl number 2000  
 rule 5 permit source 220.200.0.1 0.0.15.254 
acl number 2001  
 rule 5 permit source 220.200.0.0 0.0.15.254 
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface Serial4/0/0
 link-protocol ppp
 ppp chap user XGang
 ppp chap password cipher %$%$(23h6}-ScNP4d$SJ{
    
    ,$>,A}G%$%$
 ip address 176.0.132.2 255.255.255.252 
#
interface Serial4/0/1
 link-protocol ppp
#
interface GigabitEthernet0/0/0
 ip address 10.0.134.13 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/1
 ip address 10.0.136.13 255.255.255.0 
 ospf cost 5
 ospf network-type p2p
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 13.13.13.13 255.255.255.255 
#
bgp 65200
 peer 15.15.15.15 as-number 65200 
 peer 15.15.15.15 connect-interface LoopBack0
 peer 176.0.132.1 as-number 65001 
 #
 ipv4-family unicast
  undo synchronization
  network 220.200.3.30 255.255.255.255 
  network 220.200.3.31 255.255.255.255 
  network 220.200.3.32 255.255.255.255 
  network 220.200.3.33 255.255.255.255 
  network 220.200.3.34 255.255.255.255 
  network 220.200.3.35 255.255.255.255 
  network 220.200.3.36 255.255.255.255 
  network 220.200.3.37 255.255.255.255 
  network 220.200.3.38 255.255.255.255 
  network 220.200.3.39 255.255.255.255 
  network 220.200.4.40 255.255.255.255 
  network 220.200.4.41 255.255.255.255 
  network 220.200.4.42 255.255.255.255 
  network 220.200.4.43 255.255.255.255 
  network 220.200.4.44 255.255.255.255 
  network 220.200.4.45 255.255.255.255 
  network 220.200.4.46 255.255.255.255 
  network 220.200.4.47 255.255.255.255 
  network 220.200.4.48 255.255.255.255 
  network 220.200.4.49 255.255.255.255 
  peer 15.15.15.15 enable
  peer 15.15.15.15 next-hop-local 
  peer 15.15.15.15 advertise-community
  peer 176.0.132.1 enable
  peer 176.0.132.1 route-policy fabu export
  peer 176.0.132.1 advertise-community
#
ospf 1 router-id 10.13.13.13 
 filter-policy route-policy jujue import
 import-route bgp route-policy btoo
 area 0.0.0.0 
  network 10.0.134.0 0.0.0.255 
  network 10.0.136.0 0.0.0.255 
  network 13.13.13.13 0.0.0.0 
#
route-policy fabu permit node 10 
 if-match acl 2000 
 apply cost 50 
 apply community 200:1 
#
route-policy fabu permit node 20 
 if-match acl 2001 
 apply cost 100 
 apply community 200:2 
#
route-policy btoo permit node 10 
 if-match community-filter 100 
 apply cost 10 
 apply tag 100 
#
route-policy btoo permit node 20 
 if-match community-filter 120 
 apply cost 20 
 apply tag 100 
#
route-policy jujue deny node 10 
 if-match tag 100
#
route-policy jujue permit node 10000 
#
ip community-filter 100 permit :1
ip community-filter 120 permit :2
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

AR14

 sysname AR14
#
 board add 0/1 1GEC 
 board add 0/2 1GEC 
 board add 0/3 1GEC 
 board add 0/4 1GEC 
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 10.0.134.14 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/1
 ip address 10.0.145.14 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/2
 ip address 20.0.143.2 255.255.255.252 
 ospf network-type p2p
#
interface GigabitEthernet1/0/0
 ip address 20.0.144.2 255.255.255.252 
 ospf network-type p2p
#
interface GigabitEthernet2/0/0
#
interface GigabitEthernet3/0/0
#
interface GigabitEthernet4/0/0
#
interface NULL0
#
ospf 1 router-id 10.14.14.14 
 area 0.0.0.0 
  network 10.0.134.0 0.0.0.255 
  network 10.0.145.0 0.0.0.255 
 area 0.0.0.1 
  network 20.0.143.0 0.0.0.3 
  network 20.0.144.0 0.0.0.3 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

AR15

 sysname AR15
#
 board add 0/4 2SA 
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 set cpu-usage threshold 80 restore 75
#
acl number 2000  
 rule 5 permit source 220.200.0.1 0.0.15.254 
acl number 2001  
 rule 5 permit source 220.200.0.0 0.0.15.254 
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface Serial4/0/0
 link-protocol ppp
 ppp chap user XGang
 ppp chap password cipher %$%$H%|1+vFc:/2)R#'yu}&S,A1E%$%$
 ip address 176.0.144.2 255.255.255.252 
#
interface Serial4/0/1
 link-protocol ppp
#
interface GigabitEthernet0/0/0
 ip address 10.0.156.15 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/1
 ip address 10.0.145.15 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 15.15.15.15 255.255.255.255 
#
bgp 65200
 peer 13.13.13.13 as-number 65200 
 peer 13.13.13.13 connect-interface LoopBack0
 peer 176.0.144.1 as-number 65001 
 #
 ipv4-family unicast
  undo synchronization
  network 220.200.3.30 255.255.255.255 
  network 220.200.3.31 255.255.255.255 
  network 220.200.3.32 255.255.255.255 
  network 220.200.3.33 255.255.255.255 
  network 220.200.3.34 255.255.255.255 
  network 220.200.3.35 255.255.255.255 
  network 220.200.3.36 255.255.255.255 
  network 220.200.3.37 255.255.255.255 
  network 220.200.3.38 255.255.255.255 
  network 220.200.3.39 255.255.255.255 
  network 220.200.4.40 255.255.255.255 
  network 220.200.4.41 255.255.255.255 
  network 220.200.4.42 255.255.255.255 
  network 220.200.4.43 255.255.255.255 
  network 220.200.4.44 255.255.255.255 
  network 220.200.4.45 255.255.255.255 
  network 220.200.4.46 255.255.255.255 
  network 220.200.4.47 255.255.255.255 
  network 220.200.4.48 255.255.255.255 
  network 220.200.4.49 255.255.255.255 
  peer 13.13.13.13 enable
  peer 13.13.13.13 next-hop-local 
  peer 13.13.13.13 advertise-community
  peer 176.0.144.1 enable
  peer 176.0.144.1 route-policy fabu export
  peer 176.0.144.1 advertise-community
#
ospf 1 router-id 10.15.15.15 
 filter-policy route-policy jujue import
 import-route bgp route-policy btoo
 area 0.0.0.0 
  network 10.0.145.0 0.0.0.255 
  network 10.0.156.0 0.0.0.255 
  network 15.15.15.15 0.0.0.0 
#
route-policy fabu permit node 10 
 if-match acl 2001 
 apply cost 50 
 apply community 200:2 
#
route-policy fabu permit node 20 
 if-match acl 2000 
 apply cost 100 
 apply community 200:1 
#
route-policy btoo permit node 10 
 if-match community-filter 120 
 apply cost 10 
 apply tag 100 
#
route-policy btoo permit node 20 
 if-match community-filter 100 
 apply cost 20 
 apply tag 100 
#
route-policy jujue deny node 10 
 if-match tag 100
#
route-policy jujue permit node 10000 
#
ip community-filter 100 permit :1
ip community-filter 120 permit :2
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

AR16

 sysname AR16
#
 board add 0/1 1GEC 
 board add 0/2 1GEC 
 board add 0/3 1GEC 
 board add 0/4 1GEC 
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 10.0.136.16 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/1
 ip address 10.0.156.16 255.255.255.0 
 ospf network-type p2p
#
interface GigabitEthernet0/0/2
 ip address 20.0.163.2 255.255.255.252 
 ospf network-type p2p
#
interface GigabitEthernet1/0/0
 ip address 20.0.164.2 255.255.255.252 
 ospf network-type p2p
#
interface GigabitEthernet2/0/0
#
interface GigabitEthernet3/0/0
#
interface GigabitEthernet4/0/0
#
interface NULL0
#
ospf 1 router-id 10.16.16.16 
 area 0.0.0.0 
  network 10.0.136.0 0.0.0.255 
  network 10.0.156.0 0.0.0.255 
 area 0.0.0.1 
  network 20.0.163.0 0.0.0.3 
  network 20.0.164.0 0.0.0.3 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

Technical planning and configuration of WAN access area of a municipal bank data center - configuration script (4)

Technical planning and configuration of WAN access area of ​​a municipal bank data center - configuration script (4)

AR13

AR14

AR15

AR16

おすすめ

Technical planning and configuration of WAN access area of a municipal bank data center - configuration script (4)