今天仅仅将配置奉上,明天将做讲解~~~
其实都是比较基础的配置,不过使用价值非常高~~~
其中有些是他们以前配的,我没有删掉,因为对网络没有影响~~~
2621:
!
!
no ip domain lookup
ip host server 2065 1.1.1.1
ip dhcp excluded-address 192.168.0.1 192.168.0.40
ip dhcp excluded-address 192.168.0.100 192.168.0.160
ip dhcp excluded-address 192.168.2.1 192.168.2.40
ip dhcp excluded-address 192.168.3.1 192.168.3.40
ip dhcp excluded-address 192.168.4.1 192.168.4.40
ip dhcp excluded-address 192.168.5.1 192.168.5.40
ip dhcp excluded-address 192.168.1.1 192.168.1.100
ip dhcp excluded-address 192.168.0.220 192.168.0.254
ip dhcp excluded-address 192.168.7.1 192.168.7.10
!
ip dhcp pool classroom1
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom2
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom3
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom4
network 192.168.4.0 255.255.255.0
default-router 192.168.4.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom5
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom6
network 192.168.6.0 255.255.255.0
default-router 192.168.6.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool servers
network 192.168.0.0 255.255.255.0
dns-server 202.106.196.115 202.106.196.152
default-router 192.168.0.1
lease 2
!
ip dhcp pool classroom7
network 192.168.7.0 255.255.255.0
default-router 192.168.7.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip vrf vpn1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vpn2
rd 100:2
route-target export 100:2
route-target import 100:2
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
!
!
!
!
interface Loopback0
ip address 160.1.13.13 255.255.255.0
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
!
interface FastEthernet0/0.800
encapsulation dot1Q 800
ip address 218.247.142.201 255.255.255.224 secondary
ip address 218.247.142.194 255.255.255.224
ip nat outside
no cdp enable
!
interface FastEthernet0/0.900
encapsulation dot1Q 900
ip address 192.168.0.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.901
encapsulation dot1Q 901
ip address 192.168.1.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.902
encapsulation dot1Q 902
ip address 192.168.2.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.903
encapsulation dot1Q 903
ip address 192.168.3.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.904
encapsulation dot1Q 904
ip address 192.168.4.1 255.255.255.0
ip access-group officecontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.905
encapsulation dot1Q 905
ip address 192.168.5.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.906
encapsulation dot1Q 906
ip address 192.168.6.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.907
encapsulation dot1Q 907
ip address 192.168.7.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
ip local pool rempool 10.0.0.1 10.0.0.20
ip nat translation timeout 300
ip nat translation tcp-timeout 300
ip nat pool natpool 218.247.142.218 218.247.142.220 netmask 255.255.255.224
ip nat inside source list 1 pool natpool overload
ip nat inside source static tcp 192.168.0.2 23 218.247.142.194 8802 extendable
ip nat inside source static tcp 192.168.0.26 23 218.247.142.194 8826 extendable
ip nat inside source static tcp 192.168.0.25 23 218.247.142.194 8825 extendable
ip nat inside source static tcp 192.168.0.24 23 218.247.142.194 8824 extendable
ip nat inside source static tcp 192.168.0.23 23 218.247.142.194 8823 extendable
ip nat inside source static tcp 192.168.0.21 23 218.247.142.194 8821 extendable
ip nat inside source static tcp 192.168.0.22 23 218.247.142.194 8822 extendable
ip nat inside source static tcp 192.168.0.22 20 218.247.142.194 20 extendable
ip nat inside source static tcp 192.168.0.28 23 218.247.142.194 8828 extendable
ip nat inside source static tcp 192.168.0.29 23 218.247.142.194 8829 extendable
ip nat inside source static tcp 192.168.0.47 23 218.247.142.194 4723 extendable
ip nat inside source static tcp 192.168.0.47 21 218.247.142.194 4721 extendable
ip nat inside source static tcp 192.168.0.47 20 218.247.142.194 4720 extendable
ip nat inside source static tcp 192.168.0.47 25 218.247.142.194 4725 extendable
ip nat inside source static tcp 192.168.0.47 110 218.247.142.194 47110 extendabl
e
ip nat inside source static tcp 192.168.0.200 8080 218.247.142.194 8080 extendab
le
ip nat inside source static tcp 192.168.0.240 23 218.247.142.194 8240 extendable
ip nat inside source static tcp 192.168.0.240 22 218.247.142.194 22 extendable
ip nat inside source static tcp 192.168.0.240 115 218.247.142.194 115 extendable
ip nat inside source static tcp 192.168.0.21 23 218.247.142.194 8826 extendable
ip nat inside source static tcp 192.168.0.240 8080 218.247.142.194 8080 extendab
le
ip nat inside source static tcp 192.168.0.100 23 218.247.142.194 626 extendable
ip nat inside source static tcp 192.168.0.100 23 218.247.142.195 626 extendable
ip nat inside source static tcp 192.168.0.100 23 218.247.142.201 626 extendable
ip nat inside source static tcp 192.168.0.31 23 218.247.142.201 8831 extendable
ip nat inside source static tcp 192.168.0.32 23 218.247.142.201 8832 extendable
ip nat inside source static tcp 192.168.0.33 23 218.247.142.201 8833 extendable
ip nat inside source static tcp 192.168.0.34 23 218.247.142.201 8834 extendable
ip nat inside source static tcp 192.168.0.35 23 218.247.142.201 8835 extendable
ip nat inside source static tcp 192.168.0.84 23 218.247.142.201 8335 extendable
ip nat inside source static tcp 192.168.0.31 23 218.247.142.194 8831 extendable
ip nat inside source static tcp 192.168.0.36 23 218.247.142.201 8836 extendable
ip nat inside source static tcp 192.168.0.36 23 218.247.142.194 8836 extendable
ip nat inside source static tcp 192.168.0.82 21 218.247.142.201 21 extendable
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 218.247.142.193
!
!
!
ip access-list extended denyicmp
deny icmp any any
deny tcp any any eq 135
permit ip any any
ip access-list extended firewall
permit tcp any any eq www
permit tcp any eq www any
permit icmp any any
permit tcp any any eq telnet
permit tcp any eq telnet any
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any eq ftp any
permit tcp any eq ftp-data any
permit tcp any any eq domain
permit udp any any eq domain
permit tcp any eq domain any
permit udp any eq domain any
permit tcp any any eq smtp
permit tcp any eq smtp any
permit tcp any any eq pop3
permit tcp any eq pop3 any
permit tcp any any eq 2121
permit tcp any any eq 8821
permit tcp any any eq 8822
permit tcp any any eq 8823
permit tcp any any eq 8824
permit tcp any any eq 8825
permit tcp any any eq 8826
permit tcp any any eq 1581
permit tcp any any eq 8080
permit ip host 202.109.106.130 any
permit ip host 218.17.246.163 any
permit ip host 203.93.63.237 any
permit ip host 203.93.63.238 any
permit tcp any eq 5000 any
permit tcp any eq 5001 any
permit tcp any eq 5100 any
permit tcp any eq 5101 any
permit ip host 218.2.247.68 any
permit tcp any eq 7001 any
permit udp any eq 7001 any
permit udp any eq 1863 any
permit tcp any eq 443 any
permit tcp any any eq 5080
permit udp any any eq isakmp
permit tcp any any eq 500
ip access-list extended officecontrol
deny tcp any any eq 1025
deny tcp any any eq 135
deny tcp any any eq 445
deny tcp any any eq 5554 log-input
deny tcp any any eq 9996 log-input
deny tcp any any eq 136
deny tcp any any eq 137
deny tcp any any eq 138
deny tcp any any eq 139
permit ip any any
permit icmp any any
deny udp any any eq 1434
deny ip host 192.168.0.45 any
ip access-list extended outcontrol
deny udp any any eq 4000
deny tcp any any eq 4000
deny udp any any eq 11023
deny tcp any any eq 8000
deny tcp any any eq 1025
deny tcp any any eq 135
deny tcp any any eq 445
deny tcp any any eq 5554 log-input
deny tcp any any eq 9996 log-input
deny tcp any any eq 136
deny tcp any any eq 137
deny tcp any any eq 138
deny tcp any any eq 139
permit tcp any any eq telnet
permit tcp any eq telnet any
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any eq ftp any
permit tcp any eq ftp-data any
permit tcp any any eq domain
permit udp any any eq domain
permit ip host 192.168.2.41 any
permit ip host 192.168.2.77 any
permit ip any 192.168.0.0 0.0.255.255
permit udp any any eq bootpc
permit udp any any eq bootps
permit ip any any time-range outcontrol
deny ip host 192.168.0.92 any
deny udp any any eq 1434
deny tcp any any
permit tcp any any eq www
deny udp any any
access-list 1 permit 192.168.0.0 0.0.255.255
access-list 101 permit icmp 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255
!
tftp-server flash:c2600-j1s3-mz.122-13.T8.bin
snmp-server enable traps tty
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password tarenaccnp
login
line vty 5 15
password tarenaccnp
login
!
time-range onecontrol
periodic daily 12:30 to 13:30
periodic daily 17:30 to 23:58
periodic daily 0:00 to 9:30
!
time-range outcontrol
periodic daily 0:30 to 9:30
periodic daily 12:30 to 13:30
periodic daily 17:30 to 18:30
!
!
!
end
!
no ip domain lookup
ip host server 2065 1.1.1.1
ip dhcp excluded-address 192.168.0.1 192.168.0.40
ip dhcp excluded-address 192.168.0.100 192.168.0.160
ip dhcp excluded-address 192.168.2.1 192.168.2.40
ip dhcp excluded-address 192.168.3.1 192.168.3.40
ip dhcp excluded-address 192.168.4.1 192.168.4.40
ip dhcp excluded-address 192.168.5.1 192.168.5.40
ip dhcp excluded-address 192.168.1.1 192.168.1.100
ip dhcp excluded-address 192.168.0.220 192.168.0.254
ip dhcp excluded-address 192.168.7.1 192.168.7.10
!
ip dhcp pool classroom1
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom2
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom3
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom4
network 192.168.4.0 255.255.255.0
default-router 192.168.4.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom5
network 192.168.5.0 255.255.255.0
default-router 192.168.5.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool classroom6
network 192.168.6.0 255.255.255.0
default-router 192.168.6.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip dhcp pool servers
network 192.168.0.0 255.255.255.0
dns-server 202.106.196.115 202.106.196.152
default-router 192.168.0.1
lease 2
!
ip dhcp pool classroom7
network 192.168.7.0 255.255.255.0
default-router 192.168.7.1
dns-server 202.106.196.115 202.106.196.152
lease 2
!
ip vrf vpn1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vpn2
rd 100:2
route-target export 100:2
route-target import 100:2
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
!
!
!
!
interface Loopback0
ip address 160.1.13.13 255.255.255.0
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
!
interface FastEthernet0/0.800
encapsulation dot1Q 800
ip address 218.247.142.201 255.255.255.224 secondary
ip address 218.247.142.194 255.255.255.224
ip nat outside
no cdp enable
!
interface FastEthernet0/0.900
encapsulation dot1Q 900
ip address 192.168.0.1 255.255.255.0
ip nat inside
no cdp enable
!
interface FastEthernet0/0.901
encapsulation dot1Q 901
ip address 192.168.1.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.902
encapsulation dot1Q 902
ip address 192.168.2.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.903
encapsulation dot1Q 903
ip address 192.168.3.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.904
encapsulation dot1Q 904
ip address 192.168.4.1 255.255.255.0
ip access-group officecontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.905
encapsulation dot1Q 905
ip address 192.168.5.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.906
encapsulation dot1Q 906
ip address 192.168.6.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/0.907
encapsulation dot1Q 907
ip address 192.168.7.1 255.255.255.0
ip access-group outcontrol in
ip nat inside
no cdp enable
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
ip local pool rempool 10.0.0.1 10.0.0.20
ip nat translation timeout 300
ip nat translation tcp-timeout 300
ip nat pool natpool 218.247.142.218 218.247.142.220 netmask 255.255.255.224
ip nat inside source list 1 pool natpool overload
ip nat inside source static tcp 192.168.0.2 23 218.247.142.194 8802 extendable
ip nat inside source static tcp 192.168.0.26 23 218.247.142.194 8826 extendable
ip nat inside source static tcp 192.168.0.25 23 218.247.142.194 8825 extendable
ip nat inside source static tcp 192.168.0.24 23 218.247.142.194 8824 extendable
ip nat inside source static tcp 192.168.0.23 23 218.247.142.194 8823 extendable
ip nat inside source static tcp 192.168.0.21 23 218.247.142.194 8821 extendable
ip nat inside source static tcp 192.168.0.22 23 218.247.142.194 8822 extendable
ip nat inside source static tcp 192.168.0.22 20 218.247.142.194 20 extendable
ip nat inside source static tcp 192.168.0.28 23 218.247.142.194 8828 extendable
ip nat inside source static tcp 192.168.0.29 23 218.247.142.194 8829 extendable
ip nat inside source static tcp 192.168.0.47 23 218.247.142.194 4723 extendable
ip nat inside source static tcp 192.168.0.47 21 218.247.142.194 4721 extendable
ip nat inside source static tcp 192.168.0.47 20 218.247.142.194 4720 extendable
ip nat inside source static tcp 192.168.0.47 25 218.247.142.194 4725 extendable
ip nat inside source static tcp 192.168.0.47 110 218.247.142.194 47110 extendabl
e
ip nat inside source static tcp 192.168.0.200 8080 218.247.142.194 8080 extendab
le
ip nat inside source static tcp 192.168.0.240 23 218.247.142.194 8240 extendable
ip nat inside source static tcp 192.168.0.240 22 218.247.142.194 22 extendable
ip nat inside source static tcp 192.168.0.240 115 218.247.142.194 115 extendable
ip nat inside source static tcp 192.168.0.21 23 218.247.142.194 8826 extendable
ip nat inside source static tcp 192.168.0.240 8080 218.247.142.194 8080 extendab
le
ip nat inside source static tcp 192.168.0.100 23 218.247.142.194 626 extendable
ip nat inside source static tcp 192.168.0.100 23 218.247.142.195 626 extendable
ip nat inside source static tcp 192.168.0.100 23 218.247.142.201 626 extendable
ip nat inside source static tcp 192.168.0.31 23 218.247.142.201 8831 extendable
ip nat inside source static tcp 192.168.0.32 23 218.247.142.201 8832 extendable
ip nat inside source static tcp 192.168.0.33 23 218.247.142.201 8833 extendable
ip nat inside source static tcp 192.168.0.34 23 218.247.142.201 8834 extendable
ip nat inside source static tcp 192.168.0.35 23 218.247.142.201 8835 extendable
ip nat inside source static tcp 192.168.0.84 23 218.247.142.201 8335 extendable
ip nat inside source static tcp 192.168.0.31 23 218.247.142.194 8831 extendable
ip nat inside source static tcp 192.168.0.36 23 218.247.142.201 8836 extendable
ip nat inside source static tcp 192.168.0.36 23 218.247.142.194 8836 extendable
ip nat inside source static tcp 192.168.0.82 21 218.247.142.201 21 extendable
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 218.247.142.193
!
!
!
ip access-list extended denyicmp
deny icmp any any
deny tcp any any eq 135
permit ip any any
ip access-list extended firewall
permit tcp any any eq www
permit tcp any eq www any
permit icmp any any
permit tcp any any eq telnet
permit tcp any eq telnet any
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any eq ftp any
permit tcp any eq ftp-data any
permit tcp any any eq domain
permit udp any any eq domain
permit tcp any eq domain any
permit udp any eq domain any
permit tcp any any eq smtp
permit tcp any eq smtp any
permit tcp any any eq pop3
permit tcp any eq pop3 any
permit tcp any any eq 2121
permit tcp any any eq 8821
permit tcp any any eq 8822
permit tcp any any eq 8823
permit tcp any any eq 8824
permit tcp any any eq 8825
permit tcp any any eq 8826
permit tcp any any eq 1581
permit tcp any any eq 8080
permit ip host 202.109.106.130 any
permit ip host 218.17.246.163 any
permit ip host 203.93.63.237 any
permit ip host 203.93.63.238 any
permit tcp any eq 5000 any
permit tcp any eq 5001 any
permit tcp any eq 5100 any
permit tcp any eq 5101 any
permit ip host 218.2.247.68 any
permit tcp any eq 7001 any
permit udp any eq 7001 any
permit udp any eq 1863 any
permit tcp any eq 443 any
permit tcp any any eq 5080
permit udp any any eq isakmp
permit tcp any any eq 500
ip access-list extended officecontrol
deny tcp any any eq 1025
deny tcp any any eq 135
deny tcp any any eq 445
deny tcp any any eq 5554 log-input
deny tcp any any eq 9996 log-input
deny tcp any any eq 136
deny tcp any any eq 137
deny tcp any any eq 138
deny tcp any any eq 139
permit ip any any
permit icmp any any
deny udp any any eq 1434
deny ip host 192.168.0.45 any
ip access-list extended outcontrol
deny udp any any eq 4000
deny tcp any any eq 4000
deny udp any any eq 11023
deny tcp any any eq 8000
deny tcp any any eq 1025
deny tcp any any eq 135
deny tcp any any eq 445
deny tcp any any eq 5554 log-input
deny tcp any any eq 9996 log-input
deny tcp any any eq 136
deny tcp any any eq 137
deny tcp any any eq 138
deny tcp any any eq 139
permit tcp any any eq telnet
permit tcp any eq telnet any
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any eq ftp any
permit tcp any eq ftp-data any
permit tcp any any eq domain
permit udp any any eq domain
permit ip host 192.168.2.41 any
permit ip host 192.168.2.77 any
permit ip any 192.168.0.0 0.0.255.255
permit udp any any eq bootpc
permit udp any any eq bootps
permit ip any any time-range outcontrol
deny ip host 192.168.0.92 any
deny udp any any eq 1434
deny tcp any any
permit tcp any any eq www
deny udp any any
access-list 1 permit 192.168.0.0 0.0.255.255
access-list 101 permit icmp 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255
!
tftp-server flash:c2600-j1s3-mz.122-13.T8.bin
snmp-server enable traps tty
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password tarenaccnp
login
line vty 5 15
password tarenaccnp
login
!
time-range onecontrol
periodic daily 12:30 to 13:30
periodic daily 17:30 to 23:58
periodic daily 0:00 to 9:30
!
time-range outcontrol
periodic daily 0:30 to 9:30
periodic daily 12:30 to 13:30
periodic daily 17:30 to 18:30
!
!
!
end
2950:
interface FastEthernet0/1
switchport access vlan 910
switchport mode access
no ip address
channel-group 4 mode on
spanning-tree portfast
spanning-tree bpduguard enable
spanning-tree cost 1000
!
interface FastEthernet0/2
switchport access vlan 911
switchport mode access
no ip address
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 912
switchport trunk allowed vlan 1
switchport mode access
no ip address
spanning-tree vlan 357 port-priority 16
spanning-tree vlan 357 cost 17
spanning-tree port-priority 16
spanning-tree cost 18
!
interface FastEthernet0/4
switchport access vlan 913
switchport mode access
no ip address
!
interface FastEthernet0/5
switchport access vlan 910
switchport mode access
no ip address
!
interface FastEthernet0/6
switchport access vlan 60
switchport mode access
no ip address
!
interface FastEthernet0/7
switchport access vlan 87
switchport mode access
no ip address
!
interface FastEthernet0/8
switchport access vlan 87
switchport trunk allowed vlan 11
switchport mode trunk
no ip address
!
interface FastEthernet0/9
switchport access vlan 23
switchport mode trunk
no ip address
!
interface FastEthernet0/10
switchport access vlan 528
switchport mode access
no ip address
udld port
spanning-tree guard root
spanning-tree cost 18
!
interface FastEthernet0/11
switchport access vlan 11
switchport mode access
no ip address
!
interface FastEthernet0/12
description toClassroom7
switchport access vlan 907
switchport mode access
no ip address
!
interface FastEthernet0/13
description toServers
switchport access vlan 906
switchport mode access
no ip address
!
interface FastEthernet0/14
description toServers
switchport access vlan 900
switchport mode access
no ip address
speed 100
!
interface FastEthernet0/15
description to internet
switchport access vlan 800
switchport mode access
no ip address
speed 100
!
interface FastEthernet0/16
description toInternet
switchport access vlan 800
switchport mode access
no ip address
!
interface FastEthernet0/17
description toServers
switchport access vlan 900
switchport mode access
no ip address
duplex half
speed 100
!
interface FastEthernet0/18
description toClassroom1
switchport access vlan 901
switchport mode access
no ip address
!
interface FastEthernet0/19
description toClassroom2
switchport access vlan 902
switchport mode access
no ip address
!
interface FastEthernet0/20
description toClassroom3
switchport access vlan 903
switchport mode access
no ip address
!
interface FastEthernet0/21
description toClassroom4
switchport access vlan 904
switchport mode access
no ip address
!
interface FastEthernet0/22
description toClassroom5
switchport access vlan 905
switchport mode access
no ip address
!
interface FastEthernet0/23
description toServers
switchport access vlan 900
switchport mode access
no ip address
speed 100
!
interface FastEthernet0/24
description Trunkto2621
switchport access vlan 800
switchport mode trunk
no ip address
duplex full
speed 100
!
interface Vlan1
ip address 192.168.0.126 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan2
ip address 192.168.0.127 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan3
no ip address
no ip route-cache
shutdown
!
interface Vlan4
no ip address
no ip route-cache
shutdown
!
interface Vlan9
ip address 192.168.1.1 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan10
no ip address
no ip route-cache
shutdown
!
interface Vlan11
no ip address
no ip route-cache
shutdown
!
interface Vlan13
no ip address
no ip route-cache
shutdown
fair-queue 15 256 0
!
interface Vlan20
no ip address
no ip route-cache
shutdown
!
interface Vlan22
no ip address
no ip route-cache
shutdown
!
interface Vlan30
no ip address
no ip route-cache
shutdown
!
interface Vlan40
no ip address
no ip route-cache
shutdown
!
interface Vlan50
no ip address
no ip route-cache
shutdown
!
interface Vlan60
no ip address
no ip route-cache
shutdown
!
interface Vlan70
no ip address
ip access-group 1 in
no ip route-cache
shutdown
!
interface Vlan101
ip address 16.1.1.1 255.255.255.0
no ip route-cache
shutdown
priority-group 1
!
interface Vlan333
no ip address
no ip route-cache
shutdown
!
interface Vlan555
no ip address
no ip route-cache
shutdown
!
interface Vlan900
ip address 192.168.0.126 255.255.255.0
no ip route-cache
!
interface Vlan910
ip address 1.1.1.1 255.255.255.0
no ip route-cache
shutdown
!
ip default-gateway 192.168.0.1
ip http server
!
access-list 1 deny 14.14.14.14
access-list 1 deny 12.12.12.12
access-list 1 deny 192.168.4.11
access-list 1 permit 192.168.0.131
access-list 1 permit any
access-list 1 deny any
access-list 101 deny ip any host 14.14.14.14
access-list 101 permit ip any any
snmp-server enable traps vtp
banner motd ^C
switchport access vlan 910
switchport mode access
no ip address
channel-group 4 mode on
spanning-tree portfast
spanning-tree bpduguard enable
spanning-tree cost 1000
!
interface FastEthernet0/2
switchport access vlan 911
switchport mode access
no ip address
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 912
switchport trunk allowed vlan 1
switchport mode access
no ip address
spanning-tree vlan 357 port-priority 16
spanning-tree vlan 357 cost 17
spanning-tree port-priority 16
spanning-tree cost 18
!
interface FastEthernet0/4
switchport access vlan 913
switchport mode access
no ip address
!
interface FastEthernet0/5
switchport access vlan 910
switchport mode access
no ip address
!
interface FastEthernet0/6
switchport access vlan 60
switchport mode access
no ip address
!
interface FastEthernet0/7
switchport access vlan 87
switchport mode access
no ip address
!
interface FastEthernet0/8
switchport access vlan 87
switchport trunk allowed vlan 11
switchport mode trunk
no ip address
!
interface FastEthernet0/9
switchport access vlan 23
switchport mode trunk
no ip address
!
interface FastEthernet0/10
switchport access vlan 528
switchport mode access
no ip address
udld port
spanning-tree guard root
spanning-tree cost 18
!
interface FastEthernet0/11
switchport access vlan 11
switchport mode access
no ip address
!
interface FastEthernet0/12
description toClassroom7
switchport access vlan 907
switchport mode access
no ip address
!
interface FastEthernet0/13
description toServers
switchport access vlan 906
switchport mode access
no ip address
!
interface FastEthernet0/14
description toServers
switchport access vlan 900
switchport mode access
no ip address
speed 100
!
interface FastEthernet0/15
description to internet
switchport access vlan 800
switchport mode access
no ip address
speed 100
!
interface FastEthernet0/16
description toInternet
switchport access vlan 800
switchport mode access
no ip address
!
interface FastEthernet0/17
description toServers
switchport access vlan 900
switchport mode access
no ip address
duplex half
speed 100
!
interface FastEthernet0/18
description toClassroom1
switchport access vlan 901
switchport mode access
no ip address
!
interface FastEthernet0/19
description toClassroom2
switchport access vlan 902
switchport mode access
no ip address
!
interface FastEthernet0/20
description toClassroom3
switchport access vlan 903
switchport mode access
no ip address
!
interface FastEthernet0/21
description toClassroom4
switchport access vlan 904
switchport mode access
no ip address
!
interface FastEthernet0/22
description toClassroom5
switchport access vlan 905
switchport mode access
no ip address
!
interface FastEthernet0/23
description toServers
switchport access vlan 900
switchport mode access
no ip address
speed 100
!
interface FastEthernet0/24
description Trunkto2621
switchport access vlan 800
switchport mode trunk
no ip address
duplex full
speed 100
!
interface Vlan1
ip address 192.168.0.126 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan2
ip address 192.168.0.127 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan3
no ip address
no ip route-cache
shutdown
!
interface Vlan4
no ip address
no ip route-cache
shutdown
!
interface Vlan9
ip address 192.168.1.1 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan10
no ip address
no ip route-cache
shutdown
!
interface Vlan11
no ip address
no ip route-cache
shutdown
!
interface Vlan13
no ip address
no ip route-cache
shutdown
fair-queue 15 256 0
!
interface Vlan20
no ip address
no ip route-cache
shutdown
!
interface Vlan22
no ip address
no ip route-cache
shutdown
!
interface Vlan30
no ip address
no ip route-cache
shutdown
!
interface Vlan40
no ip address
no ip route-cache
shutdown
!
interface Vlan50
no ip address
no ip route-cache
shutdown
!
interface Vlan60
no ip address
no ip route-cache
shutdown
!
interface Vlan70
no ip address
ip access-group 1 in
no ip route-cache
shutdown
!
interface Vlan101
ip address 16.1.1.1 255.255.255.0
no ip route-cache
shutdown
priority-group 1
!
interface Vlan333
no ip address
no ip route-cache
shutdown
!
interface Vlan555
no ip address
no ip route-cache
shutdown
!
interface Vlan900
ip address 192.168.0.126 255.255.255.0
no ip route-cache
!
interface Vlan910
ip address 1.1.1.1 255.255.255.0
no ip route-cache
shutdown
!
ip default-gateway 192.168.0.1
ip http server
!
access-list 1 deny 14.14.14.14
access-list 1 deny 12.12.12.12
access-list 1 deny 192.168.4.11
access-list 1 permit 192.168.0.131
access-list 1 permit any
access-list 1 deny any
access-list 101 deny ip any host 14.14.14.14
access-list 101 permit ip any any
snmp-server enable traps vtp
banner motd ^C
<=========]=o
^C
!
line con 0
password tarenaccnp
logging synchronous
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 5 15
exec-timeout 0 0
password cisco
logging synchronous
login
!
!
monitor session 1 source interface Fa0/1 , Fa0/3 - 5 , Fa0/9 , Fa0/14 - 15 , Fa0
/24
monitor session 1 destination interface Fa0/10
monitor session 2 destination interface Fa0/6
mac-address-table static 1111.1111.1111 vlan 1 interface FastEthernet0/1
mac-address-table static 2222.2222.2222 vlan 1 interface FastEthernet0/1
end
!
line con 0
password tarenaccnp
logging synchronous
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 5 15
exec-timeout 0 0
password cisco
logging synchronous
login
!
!
monitor session 1 source interface Fa0/1 , Fa0/3 - 5 , Fa0/9 , Fa0/14 - 15 , Fa0
/24
monitor session 1 destination interface Fa0/10
monitor session 2 destination interface Fa0/6
mac-address-table static 1111.1111.1111 vlan 1 interface FastEthernet0/1
mac-address-table static 2222.2222.2222 vlan 1 interface FastEthernet0/1
end
