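Requirements:
Build the network shown in the figure so that the main building and the annex can communicate with each other. Configure a management vlan on the core switch and on the annex main switch and enable telnet, so that the communications office PC can maintain them remotely.
Tools:
Huawei eNSP simulator
Plan:
1. The communications office in the main building is placed in vlan 10, subnet 192.168.10.0/24; the annex is placed in vlan 20, subnet 192.168.20.0/24.
2. The core switch acts as the gateway; the gateway address in each subnet is .254.
3. Enable routing on the core so that the main building and the annex can communicate.
4. vlan 2 is the management vlan, subnet 192.168.0.0/24; its gateway is also on the core, at .254.
Implementation:
1. Configure vlans on the core switch
//Create vlan 10 and configure the communications office gateway address. Set the port connected to the communications office to trunk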
[Huawei]vlan 10
[Huawei-vlan10]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.254 255.255.255.0
[Huawei-Vlanif10]quit
[Huawei]int GigabitEthernet 0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type trunk //set the uplink port to trunk
[Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
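[Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan 2 //the communications office PC needs to reach vlan 2, so it must be allowed.
//Create vlan 20 and configure the annex gateway address. Set the port connected to the annex to trunk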
[Huawei]vlan 20
[Huawei-vlan20]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.254 255.255.255.0
[Huawei-Vlanif20]quit
[Huawei]int GigabitEthernet 0/0/2
[Huawei-GigabitEthernet0/0/2]port link-type trunk
[Huawei-GigabitEthernet0/0/2]port trunk allow-pass vlan 20
[Huawei-GigabitEthernet0/0/2]port trunk allow-pass vlan 2
2. Configure vlans on the communications office switch
//Set the uplink port to trunk and the downlink port to access
[tongxinban]int GigabitEthernet 0/0/1
[tongxinban-GigabitEthernet0/0/1]port link-type trunk //set the uplink port to trunk
[tongxinban-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[tongxinban-GigabitEthernet0/0/1]port trunk allow-pass vlan 2
[tongxinban-GigabitEthernet0/0/1]quit
[tongxinban]int GigabitEthernet 0/0/2
[tongxinban-GigabitEthernet0/0/2]port link-type access
[tongxinban-GigabitEthernet0/0/2]quit
[tongxinban]vlan 10
[tongxinban-vlan10]port GigabitEthernet 0/0/2 //assign the downlink port to vlan 10
[tongxinban]vlan 2
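At this point the communications office PC can reach its gateway.
3. Configure vlans on the annex main switch
//This switch is the hub of the annex, so all of its ports are set to trunk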
[fulou_main]int GigabitEthernet 0/0/1
[fulou_main-GigabitEthernet0/0/1]port link-type trunk
[fulou_main-GigabitEthernet0/0/1]port trunk allow-pass vlan 20
[fulou_main-GigabitEthernet0/0/1]port trunk allow-pass vlan 2
[fulou_main-GigabitEthernet0/0/1]quit
[fulou_main]int GigabitEthernet 0/0/2
[fulou_main-GigabitEthernet0/0/2]port link-type trunk
[fulou_main-GigabitEthernet0/0/2]port trunk allow-pass vlan 20
[fulou_main-GigabitEthernet0/0/2]port trunk allow-pass vlan 2
[fulou_main-GigabitEthernet0/0/2]quit
[fulou_main]int GigabitEthernet 0/0/3
[fulou_main-GigabitEthernet0/0/3]port link-type trunk
[fulou_main-GigabitEthernet0/0/3]port trunk allow-pass vlan 20
[fulou_main-GigabitEthernet0/0/3]port trunk allow-pass vlan 2
[fulou_main]vlan 20
[fulou_main-vlan20]quit
[fulou_main]vlan 2
4. Configure vlans on the annex office switch
//Same logic as the communications office switch; only the vlan number differs
[fulou_office]int GigabitEthernet 0/0/1
[fulou_office-GigabitEthernet0/0/1]port link-type trunk //set the uplink port to trunk
[fulou_office-GigabitEthernet0/0/1]port trunk allow-pass vlan 20
[fulou_office-GigabitEthernet0/0/1]port trunk allow-pass vlan 2
[fulou_office-GigabitEthernet0/0/1]quit
[fulou_office]int GigabitEthernet 0/0/2
[fulou_office-GigabitEthernet0/0/2]port link-type access //set the downlink port to access
[fulou_office-GigabitEthernet0/0/2]quit
[fulou_office]vlan 20
[fulou_office-vlan20]port GigabitEthernet 0/0/2 //assign the downlink port to vlan 20
[fulou_office]vlan 2
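At this point the annex office PC can reach its gateway and can already communicate with the communications office PC.
5. Configure the management vlan on the core switch and enable telnet
[Huawei]vlan 2 //create the management vlan
[Huawei-vlan2]ip-subnet-vlan ip 192.168.10.0 255.255.255.0 //add the communications office subnet to vlan 2 as an IP subnet so that the communications office PC can reach vlan 2.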
[Huawei-vlan2]int vlan 2
[Huawei-Vlanif2]ip add 192.168.0.254 255.255.255.0 //configure the remote management address
[Huawei-Vlanif2]quit
[Huawei]telnet server enable //enable telnet
Info: The Telnet server has been enabled.
[Huawei]aaa //enter the local user configuration mode
[Huawei-aaa]local-user admin password cipher abc123 //set the username and password
[Huawei-aaa]local-user admin service-type telnet
[Huawei-aaa]local-user admin level 3 //set the user level; 3 is the highest
[Huawei-aaa]quit
[Huawei]user-interface vty 0 4 //enter the remote user configuration mode
[Huawei-ui-vty0-4]authentication-mode password //configure the authentication mode for remote users
[Huawei-ui-vty0-4]set authentication password cipher abc123 //set the remote user password
[Huawei-ui-vty0-4]protocol inbound telnet
6. Configure telnet on the annex main switch
[fulou_main]vlan 2 //create the management vlan
[fulou_main-vlan2]int vlan 2
[fulou_main-Vlanif2]ip add 192.168.0.3 255.255.255.0 //configure the remote management address
[fulou_main-Vlanif2]quit
[fulou_main]aaa
[fulou_main-aaa]local-user admin password cipher abc123
[fulou_main-aaa]local-user admin service-type telnet
[fulou_main-aaa]local-user admin level 3
[fulou_main-aaa]quit
[fulou_main]user-interface vty 0 4
[fulou_main-ui-vty0-4]authentication-mode password
[fulou_main-ui-vty0-4]set authentication password cipher abc123
[fulou_main-ui-vty0-4]protocol inbound telnet
[fulou_main-ui-vty0-4]quit
[fulou_main]telnet server enable
Info: The Telnet server has been enabled.
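[fulou_main]ip route-static 0.0.0.0 0.0.0.0 192.168.0.254 //set a default route; otherwise the communications office cannot reach this remote management address
As the figure shows, the communications office can now reach the management addresses of the core switch and the annex main switch. The PC in eNSP has no telnet client, so telnet is not demonstrated.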
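An added example, not part of the original post: a small Python audit that reads a VRP session transcript in the form used in steps 5 and 6 and lists the management-plane settings a reviewer would flag (telnet server on, shared VTY password, non-SSH inbound protocol, no source ACL on the VTY lines, short password). The finding names and the password policy in `weak()` are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: management-plane lines taken from step 6 above.
SAMPLE = """\
[fulou_main]aaa
[fulou_main-aaa]local-user admin password cipher abc123
[fulou_main]user-interface vty 0 4
[fulou_main-ui-vty0-4]authentication-mode password
[fulou_main-ui-vty0-4]set authentication password cipher abc123
[fulou_main-ui-vty0-4]protocol inbound telnet
[fulou_main]telnet server enable //enable telnet
"""

# "[sysname-view]command"; assumes the sysname itself contains no "-" or "]".
PROMPT = re.compile(r"^\[([^\]-]+)(?:-([^\]]+))?\](.*)$")

def weak(pw):
    """Hypothetical policy: under 8 chars or fewer than 3 character classes."""
    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^\w\s]"]
    return len(pw) < 8 or sum(bool(re.search(c, pw)) for c in classes) < 3

def audit(transcript):
    """Return {sysname: sorted finding codes} for a VRP session transcript."""
    found, vty_seen, vty_acl = defaultdict(set), set(), set()
    for line in transcript.splitlines():
        m = PROMPT.match(line.strip())
        if not m:
            continue  # device output such as "Info: ..." or prose
        host, view, cmd = m.group(1), m.group(2) or "", m.group(3)
        words = cmd.split("//")[0].split()  # drop the trailing // comment
        if not words:
            continue
        if words == ["telnet", "server", "enable"]:
            found[host].add("telnet-server-enabled")
        if "password" in words and "cipher" in words[:-1]:
            if weak(words[words.index("cipher") + 1]):
                found[host].add("weak-password")
        if view.startswith("ui-vty"):
            vty_seen.add(host)
            if words[:2] == ["authentication-mode", "password"]:
                found[host].add("vty-shared-password")
            if words[:2] == ["protocol", "inbound"] and words[2:3] != ["ssh"]:
                found[host].add("vty-cleartext-inbound")
            if words[0] == "acl" and words[-1] == "inbound":
                vty_acl.add(host)
    for host in vty_seen - vty_acl:
        found[host].add("vty-no-source-acl")
    return {h: sorted(f) for h, f in found.items()}
```

Calling `audit(SAMPLE)` reports all five findings for `fulou_main`; a transcript whose VTY lines use `authentication-mode aaa`, `protocol inbound ssh` and an inbound ACL returns an empty result.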
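Summary:
1. vlan 2 is a subnet-based vlan: no port needs to be assigned to it; instead the communications office subnet must be added to vlan 2 as a subnet so that the communications office PC can reach vlan 2;
2. vlan 10 is a port-based vlan: the port the communications office is connected to must be assigned to vlan 10 for communication to work. The same applies to vlan 20.
3. After the management address is configured on the annex main switch, a default route must be configured; otherwise communication fails.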