{"id":1652,"date":"2021-06-05T16:14:57","date_gmt":"2021-06-05T08:14:57","guid":{"rendered":"https:\/\/www.wjxy.net.cn\/?p=1652"},"modified":"2023-10-04T06:32:35","modified_gmt":"2023-10-03T22:32:35","slug":"%e5%8d%8e%e4%b8%ba%e4%ba%a4%e6%8d%a2%e6%9c%ba%e5%bc%80%e5%b1%80%e9%85%8d%e7%bd%ae%e5%8f%8avlan-%e8%ae%be%e7%bd%ae","status":"publish","type":"post","link":"https:\/\/www.wjxy.net.cn\/?p=1652","title":{"rendered":"\u534e\u4e3a\u4ea4\u6362\u673a\u5f00\u5c40\u914d\u7f6e\u53caVLAN \u8bbe\u7f6e"},"content":{"rendered":"

sys<\/p>\n

display interface brief \/\u67e5\u770b\u7aef\u53e3\u8fde\u63a5\u72b6\u6001
\ndisplay interface description
\ndisplay interface brief
\ndisplay ip interface brief
\n\u5177\u4f53\u8bf7\u53c2\u8003: https:\/\/www.wjxy.net.cn\/?p=1660<\/a><\/p>\n

dns resolve\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/\u5f00\u542f\u57df\u540d\u89e3\u6790\u529f\u80fd
\ndns server 223.5.5.5\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u6307\u5b9adns\u670d\u52a1\u5668
\ndns server 61.177.7.1<\/p>\n

ip route-static 0.0.0.0 0.0.0.0 192.168.100.1\u00a0 \u00a0 \u00a0\/\u914d\u7f6e\u4ea4\u6362\u673a\u7684\u8def\u7531\uff08\u5916\u7f51\u7f51\u5173\u5e94\u8bbe\u7f6e\u4e00\u6761\u8def\u7531\u8868\u53cd\u6307\u5411\u5230\u4ea4\u6362\u673a 192.168.0.0\u00a0 255.255.0.0 192.168.100.2\uff09<\/p>\n

\u4e8c\u7ea7\u4ee5\u4e0b\u4ea4\u6362\u673a\u4e5f\u9700\u8981\u6307\u5b9a\u5230 ip route-static 0.0.0.0 0.0.0.0 192.168.100.2 \u5426\u5219\u5c40\u57df\u7f51\u8bbf\u95ee\u4e0d\u4e86<\/p>\n

aaa\u00a0 \u00a0\/\u8fdb\u5165\u8ba4\u8bc1\u6a21\u5f0f\u8bbe\u7f6e<\/p>\n

local-user admin password\u00a0 \u00a0 \u00a0 \/\u8bbe\u7f6e\u4ea4\u6362\u673a\u5bc6\u7801<\/p>\n

local-user admin privilege level 15\u00a0 \u00a0\/\u5b9a\u4e49\u7528\u6237\u7ea7\u522b\uff0c\u6700\u9ad815<\/p>\n

local-user admin service-type telnet terminal ssh http\u00a0 \u00a0 \u00a0 \u00a0\/\u4e3a\u7528\u6237\u5f00\u542f\u8fde\u63a5\u670d\u52a1<\/p>\n

telnet server enable\u00a0 \u00a0 \u00a0 \u00a0\/\u6253\u5f00 telnet
\ntelnet server-source all-interface \/\u65b0\u7248\u672c\u589e\u52a0\u4e86\u4e00\u4e2a\u547d\u4ee4\uff0cssh http \u4e5f\u4e00\u6837
\nuser-interface vty 0 4\u00a0 \/\u8fdb\u51650~4\u7684VTY\u7528\u6237\u89c6\u56fe<\/p>\n

authentication-mode aaa\u00a0 \u00a0 \/\u914d\u7f6eVTY\u7528\u6237\u7684\u9a8c\u8bc1\u754c\u9762\u4e3aAAA<\/p>\n

protocol inbound all\u00a0 \u00a0\/\u914d\u7f6eVTY\u7528\u6237\u754c\u9762\u652f\u6301\u7684\u534f\u8bae\u4e3a\u6240\u6709<\/p>\n

 <\/p>\n

\u5efaVLAN<\/p>\n

vlan 100\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u5efavlan 100
\nvlan batch 10 20\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u6279\u91cf\u5efavlan
\ninterface Vlanif100\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u5efaVLANIF
\nip address 192.168.100.2 255.255.255.0\u00a0 \u00a0\/\u6307\u5b9avlanif ip\u5730\u5740
\ndhcp select global\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/\u6307\u5b9adhcp\u5730\u5740\u6c60<\/p>\n

ip pool vlan100\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/\u5efaIP POOL \u7ed9DHCP\u670d\u52a1\u5668
\ngateway-list 192.168.100.2\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/DHCP\u7f51\u5173
\nnetwork 192.168.100.0 mask 255.255.255.0\u00a0 \u00a0 \u00a0 \/DHCP\u7f51\u6bb5
\nexcluded-ip-address 192.168.162.2 192.168.162.20\u00a0 \u00a0 \u00a0 \/DHCP\u4fdd\u7559\u6bb5
\nexcluded-ip-address 192.168.162.255\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/DHCP\u4fdd\u7559\u6bb5
\ndns-list 192.168.100.1\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/DNS<\/p>\n

port-group group-member GigabitEthernet 0\/0\/1 to GigabitEthernet\u00a0 0\/0\/46\u00a0 \u00a0\/\u6279\u91cf\u914d\u7f6e\u7aef\u53e3<\/p>\n

description link-to-user\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u5b9a\u4e49\u7aef\u53e3\u63d0\u793a\u4fe1\u606f<\/p>\n

port link-type access\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/access\u6a21\u5f0f<\/p>\n

port default vlan 100\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u9ed8\u8ba4VLAN 100<\/p>\n

quit<\/p>\n

interface GigabitEthernet 0\/0\/47<\/p>\n

description link-to-AP
\nport link-type trunk\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/trunk \u6a21\u5f0f
\nport trunk pvid vlan 110\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\/\u9ed8\u8ba4\u8fd9\u4e2a\u7aef\u53e3\u83b7\u53d6\u5230\u7684IP\u662fVLAN110(\u6b64\u5904\u6309\u5b9e\u9645\u9700\u8981\u8bbe\u7f6e\uff0c\u4ea4\u6362\u673a\u8fde\u63a5\u53ef\u53bb\u9664\uff09
\nport trunk allow-pass vlan 2 to 4094\u00a0 \/\u5141\u8bb8\u901a\u8fc7TRUNK\u7684VLAN<\/p>\n

 <\/p>\n

acl number 3000\u00a0 \u00a0\/\u5b9a\u4e49ACL3000<\/p>\n

rule 5 deny ip source 192.168.165.0 0.0.0.255 destination 192.168.134.0 0.0.0.255\u00a0 \u00a0 \u00a0\/\u62d2\u7edd192.168.165.0\/24 \u8bbf\u95ee 192.168.134.0\/24
\nrule 10 deny ip source 192.168.165.0 0.0.0.255 destination 192.168.135.0 0.0.0.255
\nrule 15 deny ip source 192.168.165.0 0.0.0.255 destination 192.168.136.0 0.0.1.255 \u00a0 \/\u62d2\u7edd192.168.165.0\/24 \u8bbf\u95ee 192.168.136.0\/23
\nrule 100 permit ip source 192.168.165.0 0.0.0.255\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \/\u5141\u8bb8192.168.165.0\/24\u5185\u90e8\u4e92\u8bbf<\/p>\n

traffic classifier c1 operator or
\nif-match acl 3000<\/p>\n

traffic behavior b1
\npermit<\/p>\n

traffic policy p1 match-order config
\nclassifier c1 behavior b1<\/p>\n

vlan 165
\ndescription guest-wifi
\ntraffic-policy p1 inbound<\/p>\n

traffic-filter vlan 165 outbound acl 3000<\/p>\n","protected":false},"excerpt":{"rendered":"

sys display interface brief \/\u67e5\u770b\u7aef\u53e3\u8fde\u63a5\u72b6\u6001 display interface […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"_links":{"self":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/1652"}],"collection":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1652"}],"version-history":[{"count":10,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/1652\/revisions"}],"predecessor-version":[{"id":2552,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=\/wp\/v2\/posts\/1652\/revisions\/2552"}],"wp:attachment":[{"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wjxy.net.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}