今天僅僅將配置奉上，明天將做講解～～～ 其實都是比較基礎的配置，不過使用價值非常高～～～ 其中有些是他們以前配的，我沒有刪掉，因為對網絡沒有影響~~~ 2621： !
!
no ip domain lookup
ip host server 2065 1.1.1.1
ip dhcp excluded-address 192.168.0.1 192.168.0.40
ip dhcp excluded-address 192.168.0.100 192.168.0.160
ip dhcp excluded-address 192.168.2.1 192.168.2.40
ip dhcp excluded-address 192.168.3.1 192.168.3.40
ip dhcp excluded-address 192.168.4.1 192.168.4.40
ip dhcp excluded-address 192.168.5.1 192.168.5.40
ip dhcp excluded-address 192.168.1.1 192.168.1.100
ip dhcp excluded-address 192.168.0.220 192.168.0.254
ip dhcp excluded-address 192.168.7.1 192.168.7.10
!
ip dhcp pool cla***oom1
?? network 192.168.1.0 255.255.255.0
?? default-router 192.168.1.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
!
ip dhcp pool cla***oom2
?? network 192.168.2.0 255.255.255.0
?? default-router 192.168.2.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
?
!
ip dhcp pool cla***oom3
?? network 192.168.3.0 255.255.255.0
?? default-router 192.168.3.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
!
ip dhcp pool cla***oom4
?? network 192.168.4.0 255.255.255.0
?? default-router 192.168.4.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
!
ip dhcp pool cla***oom5
?? network 192.168.5.0 255.255.255.0
?? default-router 192.168.5.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
!
ip dhcp pool cla***oom6
?? network 192.168.6.0 255.255.255.0
?? default-router 192.168.6.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
!
ip dhcp pool servers
?? network 192.168.0.0 255.255.255.0
?? dns-server 202.106.196.115 202.106.196.152
?? default-router 192.168.0.1
?? lease 2
!
ip dhcp pool cla***oom7
?? network 192.168.7.0 255.255.255.0
?? default-router 192.168.7.1
?? dns-server 202.106.196.115 202.106.196.152
?? lease 2
!
ip vrf ***1
?rd 100:1
?route-target export 100:1
?route-target import 100:1
!
ip vrf ***2
?rd 100:2
?route-target export 100:2
?route-target import 100:2
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
!
!
!
!
interface Loopback0
?ip address 160.1.13.13 255.255.255.0
!
interface FastEthernet0/0
?no ip address
?speed 100
?full-duplex
!
interface FastEthernet0/0.800
?encapsulation dot1Q 800
?ip address 218.247.142.201 255.255.255.224 secondary
?ip address 218.247.142.194 255.255.255.224
?ip nat outside
?no cdp enable
!
interface FastEthernet0/0.900
?encapsulation dot1Q 900
?ip address 192.168.0.1 255.255.255.0
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.901
?encapsulation dot1Q 901
?ip address 192.168.1.1 255.255.255.0
?ip access-group outcontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.902
?encapsulation dot1Q 902
?ip address 192.168.2.1 255.255.255.0
?ip access-group outcontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.903
?encapsulation dot1Q 903
?ip address 192.168.3.1 255.255.255.0
?ip access-group outcontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.904
?encapsulation dot1Q 904
?ip address 192.168.4.1 255.255.255.0
?ip access-group officecontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.905
?encapsulation dot1Q 905
?ip address 192.168.5.1 255.255.255.0
?ip access-group outcontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.906
?encapsulation dot1Q 906
?ip address 192.168.6.1 255.255.255.0
?ip access-group outcontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/0.907
?encapsulation dot1Q 907
?ip address 192.168.7.1 255.255.255.0
?ip access-group outcontrol in
?ip nat inside
?no cdp enable
!
interface FastEthernet0/1
?no ip address
?duplex auto
?speed auto
!
ip local pool rempool 10.0.0.1 10.0.0.20
ip nat translation timeout 300
ip nat translation tcp-timeout 300
ip nat pool natpool 218.247.142.218 218.247.142.220 netmask 255.255.255.224
ip nat inside source list 1 pool natpool overload
ip nat inside source static tcp 192.168.0.2 23 218.247.142.194 8802 extendable
ip nat inside source static tcp 192.168.0.26 23 218.247.142.194 8826 extendable
ip nat inside source static tcp 192.168.0.25 23 218.247.142.194 8825 extendable
ip nat inside source static tcp 192.168.0.24 23 218.247.142.194 8824 extendable
ip nat inside source static tcp 192.168.0.23 23 218.247.142.194 8823 extendable
ip nat inside source static tcp 192.168.0.21 23 218.247.142.194 8821 extendable
ip nat inside source static tcp 192.168.0.22 23 218.247.142.194 8822 extendable
ip nat inside source static tcp 192.168.0.22 20 218.247.142.194 20 extendable
ip nat inside source static tcp 192.168.0.28 23 218.247.142.194 8828 extendable
ip nat inside source static tcp 192.168.0.29 23 218.247.142.194 8829 extendable
ip nat inside source static tcp 192.168.0.47 23 218.247.142.194 4723 extendable
ip nat inside source static tcp 192.168.0.47 21 218.247.142.194 4721 extendable
ip nat inside source static tcp 192.168.0.47 20 218.247.142.194 4720 extendable
ip nat inside source static tcp 192.168.0.47 25 218.247.142.194 4725 extendable
ip nat inside source static tcp 192.168.0.47 110 218.247.142.194 47110 extendabl
e
ip nat inside source static tcp 192.168.0.200 8080 218.247.142.194 8080 extendab
le
ip nat inside source static tcp 192.168.0.240 23 218.247.142.194 8240 extendable
ip nat inside source static tcp 192.168.0.240 22 218.247.142.194 22 extendable
ip nat inside source static tcp 192.168.0.240 115 218.247.142.194 115 extendable
ip nat inside source static tcp 192.168.0.21 23 218.247.142.194 8826 extendable
ip nat inside source static tcp 192.168.0.240 8080 218.247.142.194 8080 extendab
le
ip nat inside source static tcp 192.168.0.100 23 218.247.142.194 626 extendable
ip nat inside source static tcp 192.168.0.100 23 218.247.142.195 626 extendable
ip nat inside source static tcp 192.168.0.100 23 218.247.142.201 626 extendable
ip nat inside source static tcp 192.168.0.31 23 218.247.142.201 8831 extendable
ip nat inside source static tcp 192.168.0.32 23 218.247.142.201 8832 extendable
ip nat inside source static tcp 192.168.0.33 23 218.247.142.201 8833 extendable
ip nat inside source static tcp 192.168.0.34 23 218.247.142.201 8834 extendable
ip nat inside source static tcp 192.168.0.35 23 218.247.142.201 8835 extendable
ip nat inside source static tcp 192.168.0.84 23 218.247.142.201 8335 extendable
ip nat inside source static tcp 192.168.0.31 23 218.247.142.194 8831 extendable
ip nat inside source static tcp 192.168.0.36 23 218.247.142.201 8836 extendable
ip nat inside source static tcp 192.168.0.36 23 218.247.142.194 8836 extendable
ip nat inside source static tcp 192.168.0.82 21 218.247.142.201 21 extendable
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 218.247.142.193
!
!
!
ip access-list extended denyicmp
?deny?? icmp any any
?deny?? tcp any any eq 135
?permit ip any any
ip access-list extended firewall
?permit tcp any any eq www
?permit tcp any eq www any
?permit icmp any any
?permit tcp any any eq telnet
?permit tcp any eq telnet any
?permit tcp any any eq ftp
?permit tcp any any eq ftp-data
?permit tcp any eq ftp any
?permit tcp any eq ftp-data any
?permit tcp any any eq domain
?permit udp any any eq domain
?permit tcp any eq domain any
?permit udp any eq domain any
?permit tcp any any eq smtp
?permit tcp any eq smtp any
?permit tcp any any eq pop3
?permit tcp any eq pop3 any
?permit tcp any any eq 2121
permit tcp any any eq 8821
permit tcp any any eq 8822
permit tcp any any eq 8823
permit tcp any any eq 8824
permit tcp any any eq 8825
permit tcp any any eq 8826
permit tcp any any eq 1581
permit tcp any any eq 8080
permit ip host 202.109.106.130 any
permit ip host 218.17.246.163 any
permit ip host 203.93.63.237 any
permit ip host 203.93.63.238 any
permit tcp any eq 5000 any
permit tcp any eq 5001 any
permit tcp any eq 5100 any
permit tcp any eq 5101 any
permit ip host 218.2.247.68 any
permit tcp any eq 7001 any
permit udp any eq 7001 any
permit udp any eq 1863 any
permit tcp any eq 443 any
permit tcp any any eq 5080
permit udp any any eq isakmp
permit tcp any any eq 500
ip access-list extended officecontrol
?deny?? tcp any any eq 1025
?deny?? tcp any any eq 135
?deny?? tcp any any eq 445
?deny?? tcp any any eq 5554 log-input
?deny?? tcp any any eq 9996 log-input
?deny?? tcp any any eq 136
?deny?? tcp any any eq 137
?deny?? tcp any any eq 138
?deny?? tcp any any eq 139
?permit ip any any
?permit icmp any any
?deny?? udp any any eq 1434
?deny?? ip host 192.168.0.45 any
ip access-list extended outcontrol
?deny?? udp any any eq 4000
?deny?? tcp any any eq 4000
?deny?? udp any any eq 11023
?deny?? tcp any any eq 8000
?deny?? tcp any any eq 1025
?deny?? tcp any any eq 135
?deny?? tcp any any eq 445
?deny?? tcp any any eq 5554 log-input
?deny?? tcp any any eq 9996 log-input
?deny?? tcp any any eq 136
?deny?? tcp any any eq 137
?deny?? tcp any any eq 138
?deny?? tcp any any eq 139
?permit tcp any any eq telnet
?permit tcp any eq telnet any
?permit tcp any any eq ftp
?permit tcp any any eq ftp-data
?permit tcp any eq ftp any
?permit tcp any eq ftp-data any
?permit tcp any any eq domain
?permit udp any any eq domain
?permit ip host 192.168.2.41 any
?permit ip host 192.168.2.77 any
?permit ip any 192.168.0.0 0.0.255.255
?permit udp any any eq bootpc
?permit udp any any eq bootps
?permit ip any any time-range outcontrol
?deny?? ip host 192.168.0.92 any
?deny?? udp any any eq 1434
?deny?? tcp any any
?permit tcp any any eq www
?deny?? udp any any
access-list 1 permit 192.168.0.0 0.0.255.255
access-list 101 permit icmp 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.0.0 0.0.255.255 10.0.0.0 0.255.255.255
!
tftp-server flash:c2600-j1s3-mz.122-13.T8.bin
snmp-server enable traps tty
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
?password tarenaccnp
?login
line vty 5 15
?password tarenaccnp
?login
!
time-range onecontrol
?periodic daily 12:30 to 13:30
?periodic daily 17:30 to 23:58
?periodic daily 0:00 to 9:30
!
time-range outcontrol
?periodic daily 0:30 to 9:30
?periodic daily 12:30 to 13:30
?periodic daily 17:30 to 18:30
!
!
!
end
? 2950： interface FastEthernet0/1
?switchport access vlan 910
?switchport mode access
?no ip address
?channel-group 4 mode on
?spanning-tree portfast
?spanning-tree bpduguard enable
?spanning-tree cost 1000
!
interface FastEthernet0/2
?switchport access vlan 911
?switchport mode access
?no ip address
?spanning-tree portfast
!
interface FastEthernet0/3
?switchport access vlan 912
?switchport trunk allowed vlan 1
?switchport mode access
?no ip address
?spanning-tree vlan 357 port-priority 16
?spanning-tree vlan 357 cost 17
?spanning-tree port-priority 16
?spanning-tree cost 18
!
interface FastEthernet0/4
?switchport access vlan 913
?switchport mode access
?no ip address
!
interface FastEthernet0/5
?switchport access vlan 910
?switchport mode access
?no ip address
!
interface FastEthernet0/6
?switchport access vlan 60
?switchport mode access
?no ip address
!
interface FastEthernet0/7
?switchport access vlan 87
?switchport mode access
?no ip address
!
interface FastEthernet0/8
?switchport access vlan 87
?switchport trunk allowed vlan 11
?switchport mode trunk
?no ip address
!
interface FastEthernet0/9
?switchport access vlan 23
?switchport mode trunk
?no ip address
!
interface FastEthernet0/10
?switchport access vlan 528
?switchport mode access
?no ip address
?udld port
?spanning-tree guard root
?spanning-tree cost 18
!
interface FastEthernet0/11
?switchport access vlan 11
?switchport mode access
?no ip address
!
interface FastEthernet0/12
?description toCla***oom7
?switchport access vlan 907
?switchport mode access
?no ip address
!
interface FastEthernet0/13
?description toServers
?switchport access vlan 906
?switchport mode access
?no ip address
!
interface FastEthernet0/14
?description toServers
?switchport access vlan 900
?switchport mode access
?no ip address
?speed 100
!
interface FastEthernet0/15
?description to internet
?switchport access vlan 800
?switchport mode access
?no ip address
?speed 100
!
interface FastEthernet0/16
?description toInternet
?switchport access vlan 800
?switchport mode access
?no ip address
!
interface FastEthernet0/17
?description toServers
?switchport access vlan 900
?switchport mode access
?no ip address
?duplex half
?speed 100
!
interface FastEthernet0/18
?description toCla***oom1
?switchport access vlan 901
?switchport mode access
?no ip address
!
interface FastEthernet0/19
?description toCla***oom2
?switchport access vlan 902
?switchport mode access
?no ip address
!
interface FastEthernet0/20
?description toCla***oom3
?switchport access vlan 903
?switchport mode access
?no ip address
!
interface FastEthernet0/21
?description toCla***oom4
?switchport access vlan 904
?switchport mode access
?no ip address
!
interface FastEthernet0/22
?description toCla***oom5
?switchport access vlan 905
?switchport mode access
?no ip address
!
interface FastEthernet0/23
?description toServers
?switchport access vlan 900
?switchport mode access
?no ip address
?speed 100
!
interface FastEthernet0/24
?description Trunkto2621
?switchport access vlan 800
?switchport mode trunk
?no ip address
?duplex full
?speed 100
!
interface Vlan1
?ip address 192.168.0.126 255.255.255.0
?no ip route-cache
?shutdown
!
interface Vlan2
?ip address 192.168.0.127 255.255.255.0
?no ip route-cache
?shutdown
!
interface Vlan3
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan4
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan9
?ip address 192.168.1.1 255.255.255.0
?no ip route-cache
?shutdown
!
interface Vlan10
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan11
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan13
?no ip address
?no ip route-cache
?shutdown
?fair-queue 15 256 0
!
interface Vlan20
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan22
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan30
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan40
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan50
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan60
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan70
?no ip address
?ip access-group 1 in
?no ip route-cache
?shutdown
!
interface Vlan101
?ip address 16.1.1.1 255.255.255.0
?no ip route-cache
?shutdown
?priority-group 1
!
interface Vlan333
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan555
?no ip address
?no ip route-cache
?shutdown
!
interface Vlan900
?ip address 192.168.0.126 255.255.255.0
?no ip route-cache
!
interface Vlan910
?ip address 1.1.1.1 255.255.255.0
?no ip route-cache
?shutdown
!
ip default-gateway 192.168.0.1
ip http server
!
access-list 1 deny?? 14.14.14.14
access-list 1 deny?? 12.12.12.12
access-list 1 deny?? 192.168.4.11
access-list 1 permit 192.168.0.131
access-list 1 permit any
access-list 1 deny?? any
access-list 101 deny?? ip any host 14.14.14.14
access-list 101 permit ip any any
snmp-server enable traps vtp
banner motd ^C <=========]=o ^C
!
line con 0
?password tarenaccnp
?logging synchronous
line vty 0 4
?exec-timeout 0 0
?password cisco
?logging synchronous
?login
line vty 5 15
?exec-timeout 0 0
?password cisco
?logging synchronous
?login
!
!
monitor session 1 source interface Fa0/1 , Fa0/3 - 5 , Fa0/9 , Fa0/14 - 15 , Fa0
/24
monitor session 1 destination interface Fa0/10
monitor session 2 destination interface Fa0/6
mac-address-table static 1111.1111.1111 vlan 1 interface FastEthernet0/1
mac-address-table static 2222.2222.2222 vlan 1 interface FastEthernet0/1
end

轉載于:https://blog.51cto.com/bailu/36338

總結

以上是生活随笔為你收集整理的最近为一个培训公司做的配置的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。