mac-address static

原创

航天图景于海生 2024-03-08 20:10:40 博主文章分类：网络类别 ©著作权

文章标签 f5 文章分类 网络安全 yyds干货盘点

©著作权归作者所有：来自51CTO博客作者航天图景于海生的原创作品，请联系作者获取转载授权，否则将追究法律责任

1、实验拓扑图

mac-address static_f5

2、实验目的

防止冒访者访问网内其他资源

3、实验配置

SW1:

<sw1>display current-configuration

sysname sw1

vlan batch 10 20 30

mac-address aging-time 10

cluster enable

ntdp enable

ndp enable

drop illegal-mac alarm

dhcp enable

diffserv domain default

drop-profile default

ip pool dhcpvlan10

gateway-list 10.1.1.1

network 10.1.1.0 mask 255.255.255.0

lease day 10 hour 0 minute 0

dns-list 8.8.8.8

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password simple admin

local-user admin service-type http

interface Vlanif1

interface Vlanif10

ip address 10.1.1.1 255.255.255.0

dhcp select global

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type access

port default vlan 10

port-security enable

port-security protect-action shutdown

port-security mac-address sticky

interface GigabitEthernet0/0/2

port link-type access

port default vlan 10

interface GigabitEthernet0/0/3

port link-type access

port default vlan 10

interface GigabitEthernet0/0/4

interface GigabitEthernet0/0/5

interface GigabitEthernet0/0/6

interface GigabitEthernet0/0/7

interface GigabitEthernet0/0/8

interface GigabitEthernet0/0/9

interface GigabitEthernet0/0/10

interface GigabitEthernet0/0/11

interface GigabitEthernet0/0/12

interface GigabitEthernet0/0/13

interface GigabitEthernet0/0/14

interface GigabitEthernet0/0/15

interface GigabitEthernet0/0/16

interface GigabitEthernet0/0/17

interface GigabitEthernet0/0/18

interface GigabitEthernet0/0/19

interface GigabitEthernet0/0/20

interface GigabitEthernet0/0/21

interface GigabitEthernet0/0/22

interface GigabitEthernet0/0/23

interface GigabitEthernet0/0/24

interface NULL0

mac-address static 5489-98cd-0e91 GigabitEthernet0/0/1 vlan 10

mac-address static 5489-987a-1bf5 GigabitEthernet0/0/1 vlan 10

mac-address static 5489-987e-319c GigabitEthernet0/0/2 vlan 10

mac-address static 5489-98c9-01a9 GigabitEthernet0/0/1 vlan 10

mac-address static 5489-9859-5dd9 GigabitEthernet0/0/3 vlan 10

user-interface con 0

user-interface vty 0 4

return

<sw1>

SW2:

<sw2>display current-configuration

sysname sw2

vlan batch 10 20 30

cluster enable

ntdp enable

ndp enable

drop illegal-mac alarm

diffserv domain default

drop-profile default

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password simple admin

local-user admin service-type http

interface Vlanif1

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type access

port default vlan 10

interface GigabitEthernet0/0/2

port link-type access

port default vlan 10

interface GigabitEthernet0/0/3

port link-type access

port default vlan 10

interface GigabitEthernet0/0/4

port link-type access

port default vlan 10

interface GigabitEthernet0/0/5

interface GigabitEthernet0/0/6

interface GigabitEthernet0/0/7

interface GigabitEthernet0/0/8

interface GigabitEthernet0/0/9

interface GigabitEthernet0/0/10

interface GigabitEthernet0/0/11

interface GigabitEthernet0/0/12

interface GigabitEthernet0/0/13

interface GigabitEthernet0/0/14

interface GigabitEthernet0/0/15

interface GigabitEthernet0/0/16

interface GigabitEthernet0/0/17

interface GigabitEthernet0/0/18

interface GigabitEthernet0/0/19

interface GigabitEthernet0/0/20

interface GigabitEthernet0/0/21

interface GigabitEthernet0/0/22

interface GigabitEthernet0/0/23

interface GigabitEthernet0/0/24

interface NULL0

user-interface con 0

user-interface vty 0 4

return

<sw2>

4、实验结果

mac-address static_f5_02

mac-address static_f5_03

上一篇：ospf 接口认证

下一篇：DHCP relay

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯