H3C NS-F1000-AI-60

可以参考下面链接

https://www.h3c.com/cn/d_202208/1668959_30005_0.htm

这是我写的配置

1. LACP 绑定接口（下联华为交换机）
interface Bridge-Aggregation1
description TO-HUAWEI-SW
link-aggregation mode dynamic
port link-type trunk
port trunk permit vlan 12 20 31


2. 物理口加入聚合组
interface GigabitEthernet1/0/1
port link-aggregation group 1

interface GigabitEthernet1/0/2
port link-aggregation group 1

3. VLAN Interface（三个业务网段）
interface Vlan-interface12
ip address 172.16.12.62 255.255.255.192

interface Vlan-interface20
ip address 172.16.20.62 255.255.255.192

interface Vlan-interface31
ip address 172.30.31.254 255.255.255.0

4. 公网接口（WAN）
interface GigabitEthernet1/0/0
ip address 207.35.121.195 255.255.255.224
undo shutdown

5. 带外管理口（OOB）
interface GigabitEthernet1/0/3
ip address 10.158.31.129 255.255.255.192
undo shutdown

6. 默认路由

ip route-static 0.0.0.0 0 207.35.121.193

7. NAT（如果 H3C 替代 Fortigate 出口）
acl number 3000
rule 5 permit ip source 172.16.0.0 0.0.255.255
rule 10 permit ip source 172.30.31.0 0.0.0.255

interface GigabitEthernet1/0/0
nat outbound 3000