一、配置时间
sys
ntp-service unicast-server 192.168.1.1
ntp-service unicast-server 192.168.1.2
clock timezone UTC add 8
clock timezone CST add 08:00:00
undo ntp-service disable
q
手动设置一个时间
clock datetime 13:43:00 2023-10-10
save
y
sys
保存!保存!保存!
更改NTP服务器
sys
undo ntp-service unicast-server 192.168.1.1
undo ntp-service unicast-server 192.168.1.2
ntp-service unicast-server 172.16.1.1
q
save
y
保存!保存!保存!二、重命名
sysname hahaha三、配置VLAN
vlan batch 100 200 300
vlan 100
description fuwuqi
vlan 200
description jiankong
vlan 300
description guanli
ip route-static 0.0.0.0 0 192.168.100.1
interface Vlanif 300
ip address 192.168.100.2 24
保存!保存!保存!四、配置SNMP
snmp-agent
snmp-agent sys-info version v2c v3
snmp-agent community read tuantizi mib-view View_ALL acl 2000
snmp-agent protocol source-status all-interface
snmp-agent mib-view included View_ALL iso
保存!保存!保存!五、远程登录
dsa local-key-pair create
user-interface vty 0 4
authentication-mode aaa
protocol inbound all
quit
aaa
local-user admin password irreversible-cipher mimamimamima
local-user admin privilege level 15
local-user admin service-type ssh http telnet
quit
ssh user admin authentication-type password
stelnet server enable
ssh server-source all-interface
y
ssh user admin service-type all
quit
load-module weakea
install-module weakea.mod
system
undo ssh server hmac
undo ssh server cipher
undo ssh server publickey
undo ssh server key-exchange
ssh server port 10023
y
http server port 10024
y
telnet server port 10025
y
telnet server-source all-interface
y
http secure-server enable
y
http secure-server port 10026
y
http server-source all-interface
y
保存!保存!保存!六、批量端口配置
TRUNK配置
port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/22
port link-type trunk
port trunk allow-pass vlan all
q
port-group group-member XGigabitEthernet 0/0/1 to XGigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan all
q
port-group group-member GigabitEthernet 0/0/9 to GigabitEthernet 0/0/12
port link-type trunk
port trunk allow-pass vlan all
q
ACCESS配置
port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/8
port link-type access
port default vlan 100
poe enable
q
保存!保存!保存!七、ACL规则
ssh server acl 2000
telnet server acl 2000
http acl 2000
acl 2000
rule permit source 192.168.100.0 0.0.0.255
rule permit source 192.168.12.0 0.0.0.63
rule permit source 192.168.6.33 0
rule permit source 172.16.12.39 0
rule permit source 172.16.12.101 0
rule permit source 172.16.12.102 0
rule permit source 172.16.12.103 0
rule permit source 172.16.12.105 0
rule permit source 172.16.12.63 0
rule permit source 172.26.252.113 0
rule 100 deny
q
q
save
y
保存!保存!保存!八、手工链路聚合LACP
核心-链路聚合-手工模式LACP
interface Eth-Trunk 12
mode lacp
trunkport GigabitEthernet 0/0/12
trunkport GigabitEthernet 1/0/12
port link-type trunk
port trunk allow-pass vlan all
保存!保存!保存!
汇聚-链路聚合-手工模式LACP
interface Eth-Trunk 1
mode lacp
trunkport XGigabitEthernet 0/0/3 to 0/0/4
port link-type trunk
port trunk allow-pass vlan all
保存!保存!保存!