Administration Buildings Project network

Latest reply: Sep 24, 2014 09:32:36 2632 3 0 0

This is a sample Administration Buildings Project network, we directly give the configuration of the equipment.

 

 

1. S3700

sysname S3700
#
undo info-center enable
#
vlan batch 101 to 102
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 101
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 102
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return

2.S7700

sysname S7700
#
undo info-center enable
#
vlan batch 100 to 102
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
dhcp enable
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif100
 ip address 192.168.100.1 255.255.255.0
#
interface Vlanif101
 ip address 192.168.101.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 1.1.1.1
#
interface Vlanif102
 ip address 192.168.102.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 1.1.1.1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port hybrid pvid vlan 100
 port hybrid untagged vlan 100
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.100.2
#
user-interface con 0
user-interface vty 0 4
#
return

3.USG 2260

stp region-configuration
 region-name 103d6415909d
 active region-configuration
#
interface GigabitEthernet0/0/0
 alias GE0/MGMT
 ip address 192.168.0.1 255.255.255.0
 dhcp select interface
 dhcp server gateway-list 192.168.0.1
#
interface GigabitEthernet0/0/1
 ip address 202.98.100.1 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
 ip address 192.168.100.2 255.255.255.0
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface NULL0
 alias NULL0
#
firewall zone local
 set priority 100
#
firewall zone trust
 set priority 85
 add interface GigabitEthernet0/0/0
 add interface GigabitEthernet0/0/3
#
firewall zone untrust
 set priority 5
 add interface GigabitEthernet0/0/1
#
firewall zone dmz
 set priority 50
#
aaa
 local-user admin password cipher %$%$}CSe#6I!<Wm|ZUTv*4#A:`WN%$%$
 local-user admin service-type web terminal telnet
 local-user admin level 15
 authentication-scheme default
 #
 authorization-scheme default
 #
 accounting-scheme default
 #
 domain default
 #
#
nqa-jitter tag-version 1

#
 ip route-static 0.0.0.0 0.0.0.0 202.98.100.2
 ip route-static 192.168.101.0 255.255.255.0 192.168.100.1
 ip route-static 192.168.102.0 255.255.255.0 192.168.100.1
#
 banner enable
#
user-interface con 0
 authentication-mode none
user-interface vty 0 4
 authentication-mode none
 protocol inbound all
#
 slb
#
right-manager server-group
#
 sysname USG2260
#
 l2tp domain suffix-separator @
#
 firewall packet-filter default permit interzone local trust direction inbound
 firewall packet-filter default permit interzone local trust direction outbound
 firewall packet-filter default permit interzone local untrust direction outbound

 firewall packet-filter default permit interzone local dmz direction outbound
#
 ip df-unreachables enable
#
 firewall ipv6 session link-state check
 firewall ipv6 statistic system enable
#
 dns resolve
#
 firewall statistic system enable
#
 pki ocsp response cache refresh interval 0
 pki ocsp response cache number 0
#
 undo dns proxy
#
 license-server domain lic.huawei.com
#
 web-manager enable
#
policy interzone trust untrust outbound
 policy 0
  action permit
  policy source 192.168.0.0 0.0.255.255
#
nat-policy interzone trust untrust outbound
 policy 1
  action source-nat
  policy source 192.168.0.0 0.0.255.255
  easy-ip GigabitEthernet0/0/1
#
return

 

  • x
  • convention:

user_46175
Created Sep 24, 2014 07:05:24 Helpful(0) Helpful(0)

Good !
  • x
  • convention:

user_46175
Created Sep 24, 2014 07:06:07 Helpful(0) Helpful(0)

GOOD +1
  • x
  • convention:

user_111057
Created Sep 24, 2014 09:32:36 Helpful(0) Helpful(0)

good share.
  • x
  • convention:

Comment

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login