Administration Buildings Project network

This is a sample Administration Buildings Project network, we directly give the configuration of the equipment.

 

 

1. S3700

sysname S3700
#
undo info-center enable
#
vlan batch 101 to 102
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 101
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 102
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return

2.S7700

sysname S7700
#
undo info-center enable
#
vlan batch 100 to 102
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
dhcp enable
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif100
 ip address 192.168.100.1 255.255.255.0
#
interface Vlanif101
 ip address 192.168.101.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 1.1.1.1
#
interface Vlanif102
 ip address 192.168.102.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 1.1.1.1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port hybrid pvid vlan 100
 port hybrid untagged vlan 100
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.2
#
user-interface con 0
user-interface vty 0 4
#
return

3.USG 2260

stp region-configuration
 region-name 103d6415909d
 active region-configuration
#
interface GigabitEthernet0/0/0
 alias GE0/MGMT
 ip address 192.168.0.1 255.255.255.0
 dhcp select interface
 dhcp server gateway-list 192.168.0.1
#
interface GigabitEthernet0/0/1
 ip address 202.98.100.1 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
 ip address 192.168.100.2 255.255.255.0
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface NULL0
 alias NULL0
#
firewall zone local
 set priority 100
#
firewall zone trust
 set priority 85
 add interface GigabitEthernet0/0/0
 add interface GigabitEthernet0/0/3
#
firewall zone untrust
 set priority 5
 add interface GigabitEthernet0/0/1
#
firewall zone dmz
 set priority 50
#
aaa
 local-user admin password cipher %$%$}CSe#6I!<Wm|ZUTv*4#A:`WN%$%$
 local-user admin service-type web terminal telnet
 local-user admin level 15
 authentication-scheme default
 #
 authorization-scheme default
 #
 accounting-scheme default
 #
 domain default
 #
#
nqa-jitter tag-version 1

#
 ip route-static 0.0.0.0 0.0.0.0 202.98.100.2
 ip route-static 192.168.101.0 255.255.255.0 192.168.100.1
 ip route-static 192.168.102.0 255.255.255.0 192.168.100.1
#
 banner enable
#
user-interface con 0
 authentication-mode none
user-interface vty 0 4
 authentication-mode none
 protocol inbound all
#
 slb
#
right-manager server-group
#
 sysname USG2260
#
 l2tp domain suffix-separator @
#
 firewall packet-filter default permit interzone local trust direction inbound
 firewall packet-filter default permit interzone local trust direction outbound
 firewall packet-filter default permit interzone local untrust direction outbound

 firewall packet-filter default permit interzone local dmz direction outbound
#
 ip df-unreachables enable
#
 firewall ipv6 session link-state check
 firewall ipv6 statistic system enable
#
 dns resolve
#
 firewall statistic system enable
#
 pki ocsp response cache refresh interval 0
 pki ocsp response cache number 0
#
 undo dns proxy
#
 license-server domain lic.huawei.com
#
 web-manager enable
#
policy interzone trust untrust outbound
 policy 0
  action permit
  policy source 192.168.0.0 0.0.255.255
#
nat-policy interzone trust untrust outbound
 policy 1
  action source-nat
  policy source 192.168.0.0 0.0.255.255
  easy-ip GigabitEthernet0/0/1
#
return