1.修改名称
sysname 名称
2.进入aaa模式
[5F/L01]aaa
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
local-user xqidc password cipher Z7*!2I18^PL2a:I4"+(+"1!! //添加用户名密码
local-user xqidc privilege level 15 //设定安全等级
local-user xqidc service-type telnet //开启远程telnet
3.设置vty接口,启用aaa模式
[5F/L01]user-interface vty 0 4
[5F/L01-ui-vty0-4]authentication-mode aaa
4.添加机柜网段对应vlan,在vlan内配置交换机管理地址
[5F/L01]vlan 2400
[5F/L01-vlan502]q
[5F/L01]interface Vlanif 2400
[5F/L01-Vlanif502]ip address 119.147.152.116 255.255.255.224
5.配置静态路由
[5F/L01]ip route-static 0.0.0.0 0.0.0.0 119.147.152.97 //97为本子网网关
6.配置上联端口(trunk模式,添加本子网vlan)
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2400
ntdp enable
ndp enable
7.配置24个百兆电口access模式
interface Ethernet0/0/1
port link-type access
port default vlan 2400
ntdp enable
ndp enable
qos lr inbound cir 10000 cbs 1000000
8.绑定mac地址
ping 服务器ip地址
[5F/L01]ping 119.147.152.112
PING 119.147.152.112: 56 data bytes, press CTRL_C to break
Reply from 119.147.152.112: bytes=56 Sequence=1 ttl=64 time=2 ms
Reply from 119.147.152.112: bytes=56 Sequence=2 ttl=64 time=1 ms
Reply from 119.147.152.112: bytes=56 Sequence=3 ttl=64 time=1 ms
查看该ip对应的mac地址及端口
[5F/L01]dis arp | in 119.147.152.98
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE ×××-INSTANCE
VLAN
------------------------------------------------------------------------------
119.147.152.98 0014-22b1-24b1 17 D-0 Eth0/0/1
------------------------------------------------------------------------------
Total:16 Dynamic:15 Static:0 Interface:1
绑定
[5F/L01]user-bind static ip-address 119.147.151.99 mac-address 0014-22b1-23af interface Ethernet 0/0/2 vlan 502
在对应端口开启
[5F/L01-Ethernet0/0/1]arp anti-attack check user-bind enable
[5F/L01-Ethernet0/0/1]ip source check user-bind enable
解绑
[5F/L01-Ethernet0/0/1]undo arp anti-attack check user-bind enable
[5F/L01-Ethernet0/0/1]undo ip source check user-bind enable
[5F/L01]undo user-bind static ip-address 119.147.151.99
转载于:https://blog.51cto.com/butterflykiss/1951609
