网工入门-基础操作
路由器
系统视图:system-view
选择网口:interface GigabitEthernet 0/0/1
配置ip: ip address 192.168.1.1 255.255.255.0
保存配置: save
打开dhcp: dhcp enable
选择网口:interface GigabitEthernet 0/0/1
dhcp网口:dhcp select interface
查看路由表: display ip routing-table
修改设备名称: sysname xxx
添加静态路由:ip route-static 192.168.3.0(要转发的ip段) 255.255.255.0(掩码) 192.168.2.10(下一跳)
创建子接口:interface GigabitEthernet 0/0/0.10
子接口和vlan关联:dot1q termination vid 10
允许arp广播: arp broadcast enable
查看当前网口: display this
交换机:
进入系统:system-view
创建vlan: vlan 10
选择网口:interface GigabitEthernet 0/0/1
配置网口类型:port link-type access/trunk
配置网口vlan: port default vlan 10
trunk网口配置允许通过的vlan: port trunk allow-pass vlan all
三层交换机:
选择vlan:interface Vlanif 10
配置网关ip: ip address 192.168.1.254 255.255.255.0
查看vlan网关:display ip interface brief
创建ACL访问规则:
acl name test advance
rule deny ip source 192.168.10.0 0.0.0.255 destination 192.168.30.0 0.0.0.255
rule permit ip source any destination any
查看acl:
display acl all
删除acl:
undo acl name xxx
使用规则
[Huawei-GigabitEthernet0/0/1]traffic-filter inbound acl name test
NAT转换:
[Huawei-acl-basic-neiwang]rule permit source 192.168.0.0 0.0.255.255
[Huawei]nat address-group 1 64.1.1.2 64.1.1.6
[Huawei]display acl all
[Huawei-GigabitEthernet0/0/1]nat outbound 2999(acl number) address-group 1
解除绑定:[Huawei-GigabitEthernet0/0/1]undo nat outbound 2999(acl number) address-group 1
静态nat
[Huawei-GigabitEthernet0/0/1]nat server global 119.1.1.123 inside 172.16.0.1
路由器打开远程管理:
创建5个远程连接窗口[Huawei]user-interface vty 0 4
认证类型: [Huawei-ui-vty0-4]authentication-mode aaa
创建用户和密码:[Huawei-aaa]local-user testuser password cipher 123456
用户权限级别: [Huawei-aaa]local-user testuser privilege level 15
访问类型:[Huawei-aaa]local-user testuser service-type telnet
打开telent服务: [Huawei]telnet server enable
路由器dhcp配置地址池:
选择网口:interface GigabitEthernet 0/0/0
配置ip: ip address 192.168.10.1 255.255.255.0
ip pool for10(地址池名称)
network 192.168.10.0 mask 255.255.255.0
gateway-list 192.168.10.1
dns-list 114.114.114.114
选择网口:interface GigabitEthernet 0/0/0
从地址池分配地址:dhcp select global