Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no ip do lo
Switch(config)#line 0
Switch(config-line)#logg syn
Switch(config-line)#exec-t 0
Switch(config-line)#end
DIS01(config)#ip ro
DIS01(config)#ip routin
DIS01(config)#ip routing
DIS01(config)#ip cef
DIS01(config)#ip cef
DIS01(config-vlan)#name server
DIS01(config-vlan)#vlan 3
DIS01(config-vlan)#name vlan3
DIS01(config-vlan)#vlan 4
DIS01(config-vlan)#name vlan4
DIS01(config-vlan)#int vlan 2
DIS01(config-if)#ip add 10.1.
*Mar 1 00:06:12.195: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to down
DIS01(config-if)#ip add 10.1.2.254 255.255.255.0
DIS01(config-if)#no sh
DIS01(config-if)#no shutdown
DIS01(config-if)#int vlan 2
DIS01(config-if)#int vlan 3
DIS01(config-if)#ip add
*Mar 1 00:06:25.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan3, changed state to down
DIS01(config-if)#ip add 10.1.3.254 255.255.255.0
DIS01(config-if)#no sh
DIS01(config-if)#no shutdown
DIS01(config-if)#int vlan 4
DIS01(config-if)#ip add 10.1
*Mar 1 00:06:42.151: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan4, changed state to down
DIS01(config-if)#ip add 10.1.4.254 255.255.255.0
DIS01(config-if)#no sh
DIS01(config-if)#no shutdown
DIS01(config)#int range fa0/1 - 2
DIS01(config-if-range)#switchport mode access
DIS01(config-if-range)#switchport access vlan 2
DIS01(config)#int range fa0/3 - 4
DIS01(config-if-range)#sw mo ac
DIS01(config-if-range)#sw ac vl 3
DIS01(config-if-range)#exit
DIS01(config)#int range fa0/5 - 6
DIS01(config-if-range)#sw mo ac
DIS01(config-if-range)#sw ac vl 4
DIS01(config-if-range)#end
DIS01(config)#ip dhcp excluded-address 10.1.3.0 10.1.3.50
DIS01(config)#ip dhcp excluded-address 10.1.3.240 10.1.3.254
DIS01(config)#ip dhcp excluded-address 10.1.4.0 10.1.4.50
DIS01(config)#ip dhcp excluded-address 10.1.4.240 10.1.4.254
DIS01(dhcp-config)#network 10.1.2.0 255.255.255.0
DIS01(dhcp-config)#default-router 10.1.2.254
DIS01(dhcp-config)#exit
DIS01(config)#ip dhcp pool vlan3
DIS01(dhcp-config)#network 10.1.3.0 255.255.255.0
DIS01(dhcp-config)#default-router 10.1.3.254
DIS01(dhcp-config)#exit
DIS01(config)#ip dhcp pool vlan4
DIS01(dhcp-config)#default-router 10.1.4.254
DIS01(dhcp-config)#network 10.1.4.0 255.255.255.0
DIS01(dhcp-config)#end
DIS01(config-if-range)#spanning-tree portfast
Sending 5, 100-byte ICMP Echos to 10.1.2.51, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
DIS01#ping 10.1.3.51
Sending 5, 100-byte ICMP Echos to 10.1.3.51, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
DIS01(config)#access-list 101 permit ip 10.1.3.0 0.0.0.255 10.1.3.0 0.0.0.255
DIS01(config)#access-list 101 permit ip any host 1.1.1.1
DIS01(config)#access-list 102 permit ip 10.1.4.0 0.0.0.255 10.1.2.0 0.0.0.255
DIS01(config)#access-list 102 permit ip 10.1.4.0 0.0.0.255 10.1.4.0 0.0.0.255
DIS01(config)#access-list 102 permit ip any host 1.1.1.1
DIS01(config-if)#ip add 1.1.1.1 255.255.255.0
DIS01(config-if)#ip access-group 101 in
DIS01(config)#int vlan 4
DIS01(config-if)#ip access-group 102 in
DIS01(config-if)#end
Switch(config)# access-list 101 permit ip 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255
(不同之处:因为VACL对数据流没有inbound和outbound之分,所以要把允许通过某vlan的IP数据流都permit才行。VLAN10允许与VLAN30通讯,而数据流又是双向的,所以要在ACL中增加VLAN30的网段)
Switch(config-vlan-access)# match ip address 101 // 设置匹配规则为acl 101
Switch(config-vlan-access)# action forward // 匹配后,设置数据流转发(forward)
Switch(config)# vlan access-map test2 //定义一个vlan access map,取名为test2
Switch(config-vlan-access)# match ip address 102 // 设置匹配规则为acl 102
Switch(config-vlan-access)# action forward // 匹配后,设置数据流转发(forward)
Switch(config)# vlan filter test2 vlan-list 20 //将上面配置的test1应用到vlan20中