中小型企业网络方案设计
路由:
ip route 0.0.0.0 0.0.0.0 220.156.66.117
过载:
ip nat inside source list 110 interface FastEthernet0/2 overload access-list 110 permit ip 192.168.0.0 0.0.255.255 any
2、配置Core switch
VTP:
VTP Version: 2
Configuration Revision: 7
Maximum VLANs supported locally : 1005
Number of existing VLANs: 9
VTP Operating Mode: Server
VTP Domain Name: OA
VTP Pruning Mode: Disabled
VTP V2 Mode: Enabled
VTP Traps Generation: Enabled
VLAN:
core-sw#vlan database 进入vlan配置模式
core-sw(vlan)#vtp domain OA 设置vtp管理域名称OA
core-sw(vlan)#vtp server 设置交换机为服务器模式 core-sw(vlan)#vlan 10 name shichang 创建VLAN 10,为市场部
core-sw(vlan)#vlan 11 name caiwu 创建VLAN 10,为财务部
core-sw(vlan)#vlan 12 name sheji 创建VLAN 12,为设计部
core-sw(vlan)#vlan 13 name netprinter 创建VLAN 13,为网络打印机 core-sw(vlan)#vlan 20 name server 创建VLAN 20,为服务器组 core-sw(config)#interface vlan 10
core-sw(config-if)#ip address 192.168.42.254 255.255.255.0
core-sw(config)#interface vlan 11
core-sw(config-if)#ip address 192.168.40.254 255.255.255.0
core-sw(config)#interface vlan 12
core-sw(config-if)#ip address 192.168.41.254 255.255.255.0
core-sw(config)#interface vlan 13
core-sw(config-if)#ip address 192.168.30.254 255.255.255.0
core-sw(config)#interface vlan 20
core-sw(config-if)#ip address 192.168.2.254 255.255.255.0
将接入层SW上的端口根据需要划分至各个VLAN
3、配置ACL
配置ACL 应用在各个部门VLAN接口上,控制各部门互访
access-list 10 permit 192.168.2.0 0.0.0.255