H3C Comprehensive Configuration

650) this.width=650; "title=" S.png "alt=" Wkiol1zsrcjt3ounaabtyb3tzs8844.png "src=" http://s3.51cto.com/wyfs02/M01/ 77/b4/wkiol1zsrcjt3ounaabtyb3tzs8844.png "/>

Second, the experimental scene:

H the network topology diagram of the company, the network environment is described as follows:

• RTB is the H company convergence Layer route and is the egress router that connects the external network

• SWA connecting the company's local area network user PCA,PCA accesses the public network by NAT translation configured on the RTB

• Company Users PCB requirements can telnet LAN router RTA

• Ethernet connection between SWB and RTA, using RIPV2 for interconnection

• Interconnection between RTA and RTB via PPP and RIPV2 ,with CHAP bidirectional authentication configured between RTA and RTB

• Use Ethernet between SWA and SWB ,RTB and SWC to configure static routing for interconnection

Third, the experimental requirements:

please build and configure H company network, requirements:

2. Complete the topology link according to the diagram and complete the identification as shown.

4. properly configured IP Address, note that the interface address is adjusted appropriately according to the selected device, for example:G0/1 is adjusted to G1/0/1, please configure it on the correct interfacewithout modifying the icon IP address.

6. properly configured The link aggregation between the SWA and SWB interconnect Interfaces "G0/23" and "g0/24" Multiplies the interconnection bandwidth in the case of no loop between devices.

8. properly configured PPP and mutual CHAP protocol authentication between RTA and RTB (i.e. RTA and RTB authentication), and user names on two routers are CHAP , the password is test, enabling RTA and RTB Wan to interoperate.

10. properly configured The RIPV2 protocol between SWB,RTA,RTB, requires:

• SWA rtb and Swc protocol release Route

• < Span style= "font-family: ' The song Body '; > in the configuration ripv2 Import command

• pca can Ping Ge0/1 interface IP

6. In configure NAT on RTB and static routing for each router H company LAN users access SWC and PCB through NAT conversion :

• The Access control list is configured correctly, enabling only the network segment where PCA accesses SWC through Nat translation

• in the NAT conversion is implemented using NAPT on RTB ,Nat address pool is 100.1.1.100-100.1.1.110

• properly configured NAT Sever service allows the PCB to remotely Telnet to the RTA to configure the device

• Configure a reasonable static route so that PCA can ping through PCB

7. Configure ACLs on reasonable devices on the network , requiring:

• PCA and RTA cannot ping each other , but PCA can still ping any of the normal working interface addresses of other devices in the network

  
  

• PCA cannot telnet to RTA, but the PCB can telnet to RTA with usernameand password (user name Password:3011) mode login, login with administrator rights.

Q:

Building a topology diagram

650) this.width=650; "title=" 1.1.png "style=" float:right; "alt=" wkiol1zsrecaj_wfaacwtxron8i337.png "src=" http:/ S2.51cto.com/wyfs02/m01/77/b4/wkiol1zsrecaj_wfaacwtxron8i337.png "/>

To set up link aggregation:

Interface bridge-aggregation 1 // Create link Aggregation group 1

Port link-aggregation Group 1 // set a port to belong to group 1

Port Link-type Trunk //Set link status to Trunk link

Port Trunk Permit v Lan 3 //Allow VLAN all to pass and set default VLAN

Configuration PPP two-way verification

Local-user CHAP class Network //Create new user CHAP belongs to network

Password cipher Test //Set simple password test

Service-type PPP //Set owning protocol not PPP

Ppp-authentication-mode Chap //Set PPP mode to CHAP

PPP CHAP user CHAP //Set PPP authentication user name

PPP chap password Simple test //Set PPP authentication password

Configuration NAT Conversion

ACL Basic // Create base ACL

Rule Permit Source 10.1.1.0 0.0.0.255 // Allow source address 10.1.1.0 Network Segment

Rule Permit Source 10.1.4.1 0.0.0.0 // allow host 10.1.4.1

Nat Address-group 1 // Create a NAT Address Group

Address 100.1.1.100 100.1.1.110 // add address pool

Interface VLAN 3 // Enter vlan3 configuration View

Nat Output 1 address-group // use acl2000 in out -of-Interface direction

Nat Server Protocol TCP global 10.1.1.111inside 10.1.4.1 telnet // 10.1.4.1 configuration server for host

Configure the Router telnet function

Telnet Server Enable //Turn on the router Telnet function

user-interface vty 0 // set vty0

Authentication-mode Scheme // Set Login mode

Protocol Inbound Telnet // Direction

Screen-length // cache length

History-command max-size // historical records

Idle-timeout 6 // timeout period

Loca -useruser // Create users user

Password Simple 3011 // set a simple password

Authorization-attribute user-role network-admin // authorization attribute is admin

Results Demo:

650) this.width=650; "title=" 21.png "alt=" Wkiol1zsrpuh22p9aaabnd6qnjs487.png "src=" http://s3.51cto.com/wyfs02/M02/ 77/b4/wkiol1zsrpuh22p9aaabnd6qnjs487.png "/>

650) this.width=650; "title=" 22.png "alt=" Wkiol1zsrp2zp0ftaabk5kvqrmg481.png "src=" http://s5.51cto.com/wyfs02/M00/ 77/b4/wkiol1zsrp2zp0ftaabk5kvqrmg481.png "/>

650) this.width=650; "title=" 23.png "alt=" Wkiom1zsrpryq-e2aaahyog-ccs481.png "src=" http://s1.51cto.com/wyfs02/M00/ 77/b5/wkiom1zsrpryq-e2aaahyog-ccs481.png "/>

650) this.width=650; "title=" 24.png "alt=" Wkiom1zsrpqctlceaabsbes-exu788.png "src=" http://s1.51cto.com/wyfs02/M00/ 77/b5/wkiom1zsrpqctlceaabsbes-exu788.png "/>

H3C Comprehensive Configuration