H3C MER5200配置NAT
网络4年前 (2019-10-21)
拓扑为 WAN光猫--MER5200--S5100划分两个网段
H3C MER5200
# vlan 1 # vlan 30 # interface Vlan-interface1 description LAN-interface tcp mss 1280 undo dhcp select server # interface Vlan-interface30 ip address 10.0.0.1 255.255.255.0 undo dhcp select server # interface GigabitEthernet0/0 port link-mode route description Single_Line1 combo enable copper ip address 222.222.222.222 255.255.255.252 dns server 114.114.114.114 dns server 223.5.5.5 tcp mss 1280 nat outbound # interface GigabitEthernet0/1 port link-mode route # interface GigabitEthernet0/2 port link-mode bridge port access vlan 30 # ip route-static 0.0.0.0 0 222.222.222.221 ip route-static 172.16.1.0 24 10.0.0.2 ip route-static 172.16.2.0 24 10.0.0.2 # return
H3C S5100
# vlan 1 # vlan 10 # vlan 20 # vlan 30 # interface Vlan-interface10 ip address 172.16.2.254 255.255.255.0 # interface Vlan-interface20 ip address 172.16.1.254 255.255.255.0 # interface Vlan-interface30 ip address 10.0.0.2 255.255.255.0 # interface GigabitEthernet1/0/1 port access vlan 30 # interface GigabitEthernet1/0/2 port access vlan 20 # interface GigabitEthernet1/0/3 port access vlan 20 # interface GigabitEthernet1/0/4 port access vlan 20 # interface GigabitEthernet1/0/5 port access vlan 20 # interface GigabitEthernet1/0/6 port access vlan 20 # interface GigabitEthernet1/0/7 port access vlan 20 # interface GigabitEthernet1/0/8 port access vlan 20 # interface GigabitEthernet1/0/9 port access vlan 20 # interface GigabitEthernet1/0/10 port access vlan 20 # interface GigabitEthernet1/0/11 port access vlan 20 # interface GigabitEthernet1/0/12 port access vlan 20 # interface GigabitEthernet1/0/13 port access vlan 20 # interface GigabitEthernet1/0/14 port access vlan 20 # interface GigabitEthernet1/0/15 port access vlan 20 # interface GigabitEthernet1/0/16 port access vlan 20 # interface GigabitEthernet1/0/17 port access vlan 20 # interface GigabitEthernet1/0/18 port access vlan 20 # interface GigabitEthernet1/0/19 port access vlan 20 # interface GigabitEthernet1/0/20 port access vlan 20 # interface GigabitEthernet1/0/21 port access vlan 20 # interface GigabitEthernet1/0/22 port access vlan 20 # interface GigabitEthernet1/0/23 port access vlan 20 # interface GigabitEthernet1/0/24 port access vlan 20 # interface GigabitEthernet1/0/25 port access vlan 20 # interface GigabitEthernet1/0/26 port access vlan 20 # interface GigabitEthernet1/0/27 port access vlan 20 # interface GigabitEthernet1/0/28 port access vlan 20 # interface GigabitEthernet1/0/29 port access vlan 20 # interface GigabitEthernet1/0/30 port access vlan 20 # interface GigabitEthernet1/0/31 port access vlan 20 # interface GigabitEthernet1/0/32 port access vlan 20 # interface GigabitEthernet1/0/33 port access vlan 20 # interface GigabitEthernet1/0/34 port access vlan 20 # interface GigabitEthernet1/0/35 port access vlan 20 # interface GigabitEthernet1/0/36 port access vlan 20 # interface GigabitEthernet1/0/37 port access vlan 20 # interface GigabitEthernet1/0/38 port access vlan 20 # interface GigabitEthernet1/0/39 port access vlan 20 # interface GigabitEthernet1/0/40 port access vlan 20 # interface GigabitEthernet1/0/41 port access vlan 10 # interface GigabitEthernet1/0/42 port access vlan 10 # interface GigabitEthernet1/0/43 port access vlan 10 # interface GigabitEthernet1/0/44 port access vlan 10 # interface GigabitEthernet1/0/45 port access vlan 10 # interface GigabitEthernet1/0/46 port access vlan 10 # interface GigabitEthernet1/0/47 port access vlan 10 # interface GigabitEthernet1/0/48 port access vlan 10 # ip route-static 0.0.0.0 0.0.0.0 10.0.0.1 preference 60 # return
附加ssh(stelnet)登陆配置
system-view public-key local create rsa public-key local create dsa public-key local create ecdsa secp256r1 ssh server enable ssh server port 57000 ssh user admin service-type stelnet authentication-type password line vty 0 4 authentication-mode scheme quit local-user admin class manage password simple Hello service-type ssh authorization-attribute user-role network-admin quit
本站所有文章均可随意转载,转载时请保留原文链接及作者。
,想必也是非常愉悦的事!
