H3C S3100V3-28TP-EI-6126P13交换机端口下接的电脑获不到ip
配置如下:
version 7.1.070, Release 6126P13
#
sysname WUZI
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
port-security enable
#
dhcp snooping enable
dhcp snooping binding database filename 69.dhcp
dhcp snooping binding database update interval 180
#
lldp global enable
#
loopback-detection global enable vlan 1 to 4094
#
password-recovery enable
#
vlan 1
#
vlan 15
arp detection enable
#
vlan 16
arp detection enable
#
vlan 19
arp detection enable
#
vlan 101
#
vlan 201
#
traffic classifier pz001 operator and
if-match acl 3000
#
traffic behavior pz001_deny
filter deny
#
qos policy pz001_use
classifier pz001 behavior pz001_deny
#
interface NULL0
#
interface Vlan-interface1
description manage-vlan
ip address 192.168.5.31 255.255.255.0
#
interface Ethernet1/0/1
port access vlan 19
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky b8ac-6f1f-2d04 vlan 19
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/2
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky 1060-4b5c-40cc vlan 201
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/3
port access vlan 19
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky 78e3-b59f-ea94 vlan 19
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/4
port access vlan 19
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky 309c-232f-2cf5 vlan 19
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/5
port access vlan 19
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky 309c-232f-2db9 vlan 19
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/6
port access vlan 15
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky 309c-232f-2caa vlan 15
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/7
port access vlan 19
port-security max-mac-count 1
port-security port-mode autolearn
port-security mac-address security sticky 24be-0501-77cf vlan 19
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/8
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/9
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/10
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/11
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/12
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/13
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/14
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/15
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface Ethernet1/0/16
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/17
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/18
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/19
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/20
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/21
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/22
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/23
port access vlan 201
port-security max-mac-count 1
port-security port-mode autolearn
loopback-detection enable vlan 1 to 4094
dhcp snooping binding record
#
interface GigabitEthernet1/0/24
port link-type trunk
port trunk permit vlan all
arp detection trust
packet-filter 2001 inbound
packet-filter 2001 outbound
dhcp snooping trust
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 0
authentication-mode scheme
user-role network-admin
#
line vty 0 4
authentication-mode scheme
user-role network-operator
protocol inbound ssh
#
line vty 5 63
user-role network-operator
#
ip route-static 0.0.0.0 0 192.168.5.254
#
snmp-agent
snmp-agent local-engineid 800063A280DCDA806CF34A00000001
snmp-agent community write pzprivatehu
snmp-agent community read pzpublichu
snmp-agent sys-info version all
#
ssh server enable
ssh user pzgd service-type stelnet authentication-type password
#
arp detection validate dst-mac ip src-mac
#
qos apply policy pz001_use global inbound
qos apply policy pz001_use global outbound
#
acl number 2001
rule 0 permit source 192.168.16.0 0.0.0.255
rule 1 deny source 192.168.0.0 0.0.255.255
#
acl number 3000
rule 0 deny tcp destination-port eq 445
rule 1 deny udp destination-port eq 445
rule 2 deny tcp destination-port eq 135
rule 3 deny udp destination-port eq 135
rule 4 deny tcp destination-port eq 137
rule 5 deny udp destination-port eq netbios-ns
rule 6 deny tcp destination-port eq 139
rule 7 deny udp destination-port eq netbios-ssn
rule 8 deny tcp destination-port eq 138
rule 9 deny udp destination-port eq netbios-dgm
#
super password role network-admin hash $h$6$pDvLfEyV7Ayj7gQD$B52cfpvdVyo7copb91yl77e8uLIV6wiWN34ydtmM0oAs9XPoQRmoW2qvkfei4BjrdT+ECexoT0FL8xIRHpDz5Q==
#
radius scheme system
user-name-format without-domain
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user pzgd class manage
password hash $h$6$EaXo/5r1SWdBQ7O+$+4FdZr9gbc7sKN4Y9yDyuXOv8EH5FO6wFmyvx09a1LWEAjzzBXHDgoagB8cOLLOx4jE+H5GkAUkskVC755zxqg==
service-type ssh terminal
authorization-attribute user-role level-1
authorization-attribute user-role network-operator
(0)
最佳答案
手工配个地址ping一下网关可以ping通吗?
(0)
如果只做基本配置,网络是通的,另一台同样的配置又是好的,不知道哪里有问题?
配置里管理VLAN的IP和默认路由的IP在粘贴上来前改了下,实际不是192.168段的,请忽略.
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明