Wuling district finance bureau Intranet implementation plan

1. Add a VLAN 2. Set the vlan ip address 192.168.9.253 255.255.255.0 3. divide interface G1/0/9-1/0/10 into this VLAN. connect interface 9 to the internal network port of the firewall. add a telnet user to the vswitch. the user name is hncz and the password is creator6. set the IP address of the network port in the firewall to 172.16.9.254 1. VLAN 2 Description connect_to_shenshi 2.int vlan2ip address 172.16.9.253 255.255.255.0 3. VLAN 2 port G1/0/9 to G1/0/10 4. (Omitted) 5. user-interface vty 0 4 Authentication-mode scheme local-user hncz password cipher creator service-type telnet terminal6. (Omitted) Remarks: (currently, China Telecom lines are not deployed. At that time, China Telecom will take a line to the IDC in Wuling district, only Use a crossover line to connect to the telecom port and Huawei Ar2811 Vro Port ( The port number is Lan0) To implement the Plan.) next step: currently, VLAN 2 of the slave switch can be connected to the provincial network. To achieve this, all network segments can be directly connected to the provincial network, you need to create another VLAN under the switch, set an IP address a. B .c.d for this VLAN, and route all the machines that need to be connected to the provincial network into this VLAN. The Gateway is set to a. B .c.d, you can achieve interconnection. Note that you need to set a route on the central switch to direct all traffic destined for the provincial network to our firewall IP address. The specific operations are as follows: 7. Add VLAN 8. Set VLAN IP 9. Add all Intranet interfaces to this VLAN 10. Log on to the vswitch and set static routes (to the provincial network ). , All go through the firewall of tianrongxin) 11. Log on to the last tianrongxin firewall. , Set a pointing route (this step has been completed) 7. VLAN 333 Description connect_to_neiwang 8. Int VLAN 333. IP address XXX 255.255.255.0 9. VLAN 333 Port G1/0/1 to G1/0/8 10. IP route-static 10.104.9.0 24 172.16.9.254 IP route-static 10.104.10.0 24 172.16.9.254 11. https: // 192.168.1.254 indicates all machines in the 10.104.140.0 CIDR Block of the route. The route is 172.16.9.253. Note: (the next step in Wuling district is marked in red, and black is what we have done)