划分vlan配置上网，开通远程连接管理（真机环境：艾泰4240G路由+华为S5720S-Li-AC）

已有有线现网，需要划分vlan：

第一步：设置交换机

sysname hx
#
vlan batch 5 10 20
#
telnet server enable
#
dhcp enable
#
user-interface maximum-vty 15
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
protocol inbound all
#
aaa
local-user admin password irreversible-cipher admin@huawei.com
local-user admin privilege level 15
local-user admin service-type terminal http
local-user admin123 password irreversible-cipher admin@123
local-user admin123 privilege level 15
local-user admin123 service-type telnet
#
port-group 10
group-member GigabitEthernet0/0/1 to GigabitEthernet0/0/10
port link-type access
port default vlan 10
#
port-group 20
group-member GigabitEthernet0/0/11 to GigabitEthernet0/0/20
port link-type access
port default vlan 20
#
ip pool 10
gateway-list 192.168.10.254
network 192.168.10.0 mask 255.255.255.0
dns-list 192.168.10.254
#
ip pool 20
gateway-list 192.168.20.254
network 192.168.20.0 mask 255.255.255.0
dns-list 218.85.152.99
#
interface Vlanif5
ip address 192.168.1.254 255.255.255.0
#
interface Vlanif10
ip address 192.168.10.254 255.255.255.0
dhcp select global
#
interface Vlanif20
ip address 192.168.20.254 255.255.255.0
dhcp select global
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 5
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.10.0 0.0.0.255
network 192.168.20.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
--------------------------------------------------------
第二步：艾泰路由器设置
1、正常访问路由器管理页面（设置--路由配置）

新增.静态路由：
vlan 10 :192.168.10.0 255.255.255.0（交换机的vlan10网段和掩码） 192.168.1.254(这里之前的是交换机的地址）优先级设置为1  绑定接口为LAN口 
vlan 20 :192.168.20.0 255.255.255.0（交换机的vlan10网段和掩码） 192.168.1.254(这里之前的是交换机的地址）优先级设置为1  绑定接口为LAN口 
vlan-to-wan :0.0.0.0 0.0.0.0（交换机的所有IP网段和全掩码） 100.64.0.1(这里看WAN口获取到的isp的网关地址）优先级设置为1  绑定接口为WAN口