H3C S5130交换机基本配置
- H3C交换机基本配置
-
- 1.密码恢复:
- 2.划分vlan配置ip
- 3.acl包过滤
- 4.静态路由
- 5.ntp配置
- 6.snmp
- 7.telnet
- 8.ssh
- 9.ftp
- 10.lldp
- 11.Vpn实例
-
- **(1)**SW1、SW2、SW3根据(图2)中的相关IP地址进行配置部署。
- **(2)**SW1配置去往3.3.3.3/32网段的静态路由;SW3配置去往1.1.1.1/32网段的静态路由
- **(3)**SW2在实例12中配置去往1.1.1.1/32网段的静态路由;在非实例中配置去往3.3.3.3/32网段的静态路由
- **(4)**SW2在非实例路由表中增加去往1.1.1.1/32网段,下一跳为实例12中CE接口地址的静态路由
- **(5)**SW2在实例12路由表中增加去往3.3.3.3/32网段,下一跳为非实例中CE接口地址的静态路由
- **(6)**在添加静态路由后,观察此时SW2路由表。
- **(7)**SW2在vpn实例12路由表中添加了去往3.3.3.3网段路由配置,增加public参数。
- **(8)**在SW1、SW3上互ping测试正常,及VPN实例业务与非VPN实例业务可以互通。
- 12.ospf
- 13.vrrp
- 14.m-lag
- 15.aaa用户
- 16.mpls
- 17.BGP
- 18.dos攻击
- 19.irf
- 20.isis
- 21.trunk口
前言:
相关资源:
-
H3C高端交换机系列(S12500X-AF/S12500-X/S9800)配置指导手册:涵盖基础配置、IP业务、路由及MPLS技术
-
H3C高端交换机系列(S12500X-AF/S12500-X/S9800/S5130)配置指导手册:涵盖基础配置、IP业务、路由及MPLS技术
H3C交换机基本配置
1.密码恢复:
进入bootroom菜单清除Consle密码
通过console线和CRT软件连接并登陆设备,然后把设备断电重启。控制台上会打印如下信息,当出现“press Ctrl+B”的时候快速按住“Ctrl+B” 进入botroom菜单
Starting......
Press Ctrl+D to access BASIC BOOT MENU
Booting Normal Extend BootWare....
********************************************************************************
\* *
\* H3C S5024PV5-EI-PWR Switch BOOTROM, Version 145 *
\* *
********************************************************************************
Copyright (c) 2004-2022 New H3C Technologies Co., Ltd.
Creation Date : Jan 13 2022, 18:27:59
CPU Clock Speed : 800MHz
Memory Size : 512MB
Flash Size : 256MB
CPLD Version : 001
PCB Version : Ver.C
Mac Address : 70c6ddab4188
Press Ctrl+B to access EXTENDED BOOT MENU...
Password recovery capability is enabled.
EXTENDED BOOT MENU
1. Download image to flash
2. Select image to boot
3. Display all files in flash
4. Delete file from flash
5. Restore to factory default configuration
6. Enter BootRom upgrade menu
7. Skip current system configuration
8. Set switch startup mode
9. Set The Operating Device
10. Reboot
Ctrl+Z: Access EXTENDED ASSISTANT MENU
Ctrl+F: Format file system
Ctrl+P: Change authentication for console login
Ctrl+R: Download image to SDRAM and run
Ctrl+C: Display Copyright
Enter your choice(0-9): //这里按Ctrl+P修改console登陆密码
Authentication is required for console login.
Are you sure you want to skip the authentication for console login? (Y/N):Y
Setting...Done.
EXTENDED BOOT MENU
1. Download image to flash
2. Select image to boot
3. Display all files in flash
4. Delete file from flash
5. Restore to factory default configuration
6. Enter BootRom upgrade menu
7. Skip current system configuration
8. Set switch startup mode
9. Set The Operating Device
10. Reboot
Ctrl+Z: Access EXTENDED ASSISTANT MENU
Ctrl+F: Format file system
Ctrl+P: Change authentication for console login
Ctrl+R: Download image to SDRAM and run
Ctrl+C: Display Copyright
Enter your choice(0-9): 0 //这里输入0回车重启设备
Starting......
Press Ctrl+D to access BASIC BOOT MENU
Booting Normal Extend BootWare....
重启后进入用户更改密码即可
\# 进入本地账号admin视图,直接配置新密码为654321即可,然后退出保存。
[H3C] local-user admin *//**进入本地账号*admin*c**视图*
[H3C-luser-admin] password simple a123456789 *//**配置新密码为a123456789*
[H3C-luser-admin] quit *//**退出当前视图*
[H3C] save force *//**保存配置*
2.划分vlan配置ip
进入命令行,创建VLAN 5、VLAN6、VLAN7并配置****ip
<H3C>system-view *//**进入系统视图*
System View: return to User View with Ctrl+Z.
[H3C]vlan 5 *//**创建**vlan5*
[H3C-vlan5]quit *//**退出当前视图*
[H3C]vlan 6 *//**创建**vlan6*
[H3C-vlan6]quit *//**退出当前视图*
[H3C]vlan 7 *//**创建**vlan7*
[H3C-vlan7]quit *//**退出当前视图*
[H3C]interface vlan 5
[H3C-interface-vlan5]ip address 192.168.5.1 24
[H3C-interface-vlan5]quit
[H3C]interface vlan 6
[H3C-interface-vlan6]ip address 192.168.6.1 24
[H3C-interface-vlan6]quit
[H3C]interface vlan 7
[H3C-interface-vlan5]ip address 192.168.7.1 24
[H3C-interface-vlan7]quit
将接口分别加入****VLAN 中,有以下2种方法
方法一:在VLAN 5视图里面将GigabitEthernet1/0/5口加入VLAN 5中:
[H3C-vlan5]port GigabitEthernet1/0/5 *//**将**g1/0/5**接口加入**vlan5*
[H3C-vlan5]quit *//**退出当前视图*
方法二:在GigabitEthernet1/0/5的接口视图下,将PVID属性改为VLAN 5:
[H3C]interface GigabitEthernet1/0/5 *//**进到**g1/0/5**接口下*
[H3C-GigabitEthernet1/0/5]port access vlan 5 *//**将**g1/0/5**端口加入到**vlan5*
[H3C-GigabitEthernet1/0/5]quit *//**退出当前视图*
GigabitEthernet1/0/6 、GigabitEthernet1/0/7口以及加入VLAN6、VLAN7的方式也如此,此处不在赘述
保存配置
[H3C]save force *//**保存配置*
3.acl包过滤
核心交换机上划分2个VLAN网段,VLAN 10和VLAN 20。PC1属于VLAN 10,PC2属于VLAN20,要求VLAN 10和VLAN 20之间不能互相访问
接口配置及vlan划分
<H3C>system-view *//**进入系统视图*
System View: return to User View with Ctrl+Z.
[H3C]vlan 10 *//**创建**vlan 10*
[H3C]quit *//**退出当前视图*
[H3C I]vlan 20 *//**创建**vlan20*
[H3C]quit *//**退出当前视图*
[H3C]int g1/0/10 *//**进入**g1/0/10**接口*
[H3C-GigabitEthernet1/0/10]port access vlan 10 *//**将**g1/0/10**接入划入**vlan10*
[H3C -GigabitEthernet1/0/10]quit *//**退出当前视图*
[H3C]int vlan 10 *//**创建**vlan10**虚接口*
[H3C-Vlan-interface10]ip add 192.168.10.1 24 *//**配置接口**IP**地址为**192.168.10.1**,掩码为**24**位*
[H3C-Vlan-interface10]quit *//**退出当前视图*
[H3C]int g1/0/20 *//**进入**g1/0/20**接口*
[H3C-GigabitEthernet1/0/20]port access vlan 20 *//**将接口划入**vlan20*
[H3C-GigabitEthernet1/0/20]quit *//**退出当前视图*
[H3C]int vlan 20 *//**创建**vlan20**虚接口*
[H3C-Vlan-interface20]ip add 192.168.20.1 24 *//**配置接口**IP**地址为**192.168.20.1**,掩码为**24**位*
[H3C-Vlan-interface20]quit *//**退出当前视图*
创建包过滤策略
[H3C]acl advanced 3000
最低0.47元/天 解锁文章
扫一扫
7863
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
