返回列表 发帖
坏的刚刚好 该用户已被删除
楼主 跳转到 » 正序看帖
打印
tT
坏的刚刚好发表于 2005-8-21 02:10 | 只看该作者

2621之间的配

某校之间的2621配置。
一、主要配置内容
1. 配置系统管理密码
2. 配置不同3. INTERFACE(接口)IP地址
4. 配置与大学之间的TUNNEL
5. 配置地址翻译NAT
6. 配置静态路由及动态路由协议OSPF
二、主要配置说明
Router2621#show run
Building configuration...
Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router2621 //设置主机名,即命令行前提示符,CONFIG T进入配置模式,HOSTNAME +命名即可
!
enable password 123 //设置超级用户密码
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
ip inspect name rock ftp alert on audit-trail on timeout 6000
ip inspect name rli http alert on audit-trail on
ip inspect name hong tcp
ip inspect name wang tcp alert on audit-trail on
ip audit notify log
ip audit po max-events 100
isdn voice-call-failure 0
!
!
!
//设置逻辑接口LOOPBACK0的IP 地址,主要为地址翻译用,对外翻译地址为211.67.96.254
interface Loopback0
ip address 211.67.96.254 255.255.255.0
!
//与大学路由器做TUNNEL,并设置地址翻译
interface Tunnel3
bandwidth 10000
ip address 10.10.10.10 255.255.255.252
ip nat outside
tunnel source FastEthernet0/1
tunnel destination 172.17.204.2

!
//配置对内以太网接口地址,并设置地址翻译
interface FastEthernet0/0
ip address 10.10.1.253 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface BRI0/0
no ip address
shutdown
!
//设置对外以太网接口地址
interface FastEthernet0/1
ip address 172.17.173.74 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet0/1.1
!
//配置动态路由协议OSPF
router ospf 1
network 10.10.1.0 0.0.0.255 area 0 //宣告子网10.10.1.0
!
ip nat inside source list 1 interface Loopback0 overload //将内部地址翻译成LOOPBACK0接口地址211.67.96.254
ip nat inside source static 10.10.2.1 211.67.96.1 //将WWW服务器静态映射为211.67.96.1
ip nat inside source static 10.10.2.2 211.67.96.2 //将E-MAIL服务器静态映射为211.67.96.1
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.10.9 //设置到大学路由器的缺省路由
ip route 172.17.0.0 255.255.0.0 172.17.173.73 //设置到有线台的静态路由
ip route 172.19.221.0 255.255.255.0 172.17.173.73 //设置到有线台的静态路由
no ip http server
!
access-list 1 permit any
access-list 101 permit ip any 172.17.173.72 0.0.0.7
access-list 102 permit ip 172.17.173.72 0.0.0.7 any
access-list 166 permit tcp any host 172.17.173.75 eq www
access-list 166 deny ip any any
access-list 177 permit tcp host 172.17.173.74 any
access-list 177 permit udp host 172.17.173.74 any
access-list 177 deny ip any any
//以下为配置与网管有关的SNMP参数
snmp-server engineID local 0000000902000002FD14F980
snmp-server community public RO //配置网管SNMP读、写通讯参数为PUBLIC
snmp-server community private RW //配置网管SNMP只读通讯参数为PRIVATE
snmp-server packetsize 2048
snmp-server enable traps snmp
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn isdnu-interface
snmp-server enable traps hsrp
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps envmon
snmp-server enable traps bgp
snmp-server enable traps rsvp
snmp-server enable traps frame-relay
snmp-server enable traps rtr
snmp-server enable traps syslog
!
//对控制口CONSOLE进行配置,通讯波特率参数等,注意不要轻易更改此配置,否则可能导致无法通过CONSOLE 口调试
line con 0
transport input none
stopbits 1
line aux 0
//对虚拟终端0-4进行设置,即设置远程TELNET 的登录密码及用户权限,步骤为CONFIG T进入配置模式,LINE VTY 0 4进入LINE接口配置模式,privilege level 设置权限,PASSWORD 设置登录密码
line vty 0 4
privilege level 15
password 123456
login
!
no scheduler allocate
end
收藏 分享

返回列表 回复 发帖