Cisco Catalyst 2950 配置-实现端口与IP的绑定

在Cisco catalyst 2950交换机上,通过配置extended ACL来实现端口与IP的绑定。
配置如下:

2950#show run
Current configuration : 5396 bytes
!
version 12.1
no service pad
service timestamps debug uptime
servicetimestamps log uptime
no service password-encryption
!
hostname 2950
!
enable secret 5 $1$kJ.v$gF4osmkOwfvOy7vkwI3j/.

!
ip subnet-zero
!
no ip domain-lookup
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
spanning-tree uplinkfast
!
interface FastEthernet0/1
switchport access vlan 30
switchport mode access
ip access-group ip1 in
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 30
switchport mode access
ip access-group ip2 in
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 30
switchport mode access
ip access-group ip3 in
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 30
switchport mode access
ip access-group ip4 in
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 30
switchport mode access
ip access-group ip5 in
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 30
switchport mode access
ip access-group ip6 in
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 30
switchport mode access
ip access-group ip7 in
spanning-tree portfast
interface FastEthernet0/8
switchport access vlan 30
switchport mode access
ip access-group ip8 in
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 30
switchport mode access
ip access-group ip9 in
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 30
switchport mode access
ip access-group ip10 in
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
ip access-group ip11 in
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 30
switchport mode access
ip access-group ip12 in
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 30
switchport mode access
ip access-group ip13 in
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 30
switchport mode access
ip access-group ip14 in
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 30
switchport mode access
ip access-group ip15 in
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 30
switchport mode access
ip access-group ip16 in
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 30
switchport mode access
ip access-group ip17 in
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 30
switchport mode access
ip access-group ip18 in
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 30
switchport mode access
ip access-group ip19 in
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 30
switchport mode access
ip access-group ip20 in
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 30
switchport mode access
ip access-group ip21 in
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 30
switchport mode access
ip access-group ip22 in
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 30
switchport mode access
ip access-group ip23 in
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 30
switchport mode access
ip access-group ip24 in
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
spanning-tree stack-port
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan100
ip address 192.168.100.22 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.100.254
ip http server
!
ip access-list extended ip1
permit ip host 192.168.30.1 any
ip access-list extended ip10
permit ip host 192.168.30.10 any
ip access-list extended ip11
permit ip host 192.168.30.11 any
ip access-list extended ip12
permit ip host 192.168.30.12 any
ip access-list extended ip13
permit ip host 192.168.30.13 any
ip access-list extended ip14
permit ip host 192.168.30.14 any
ip access-list extended ip15
permit ip host 192.168.30.15 any
ip access-list extended ip16
permit ip host 192.168.30.16 any
ip access-list extended ip17
permit ip host 192.168.30.17 any
ip access-list extended ip18
permit ip host 192.168.30.18 any
ip access-list extended ip19
permit ip host 192.168.30.19 any
ip access-list extended ip2
permit ip host 192.168.30.2 any
ip access-list extended ip20
permit ip host 192.168.30.20 any
ip access-list extended ip21
permit ip host 192.168.30.21 any
ip access-list extended ip22
permit ip host 192.168.30.22 any
ip access-list extended ip23
permit ip host 192.168.30.23 any
ip access-list extended ip24
permit ip host 192.168.30.24 any
ip access-list extended ip3
permit ip host 192.168.30.3 any
ip access-list extended ip4
permit ip host 192.168.30.4 any
ip access-list extended ip5
permit ip host 192.168.30.5 any
ip access-list extended ip6
ip access-list extended ip5
permit ip host 192.168.30.5 any
ip access-list extended ip6
permit ip host 192.168.30.6 any
ip access-list extended ip7
permit ip host 192.168.30.7 any
ip access-list extended ip8
permit ip host 192.168.30.8 any
ip access-list extended ip9
permit ip host 192.168.30.9 any
snmp-server community private RO
!
line con 0
line vty 0 4
password !@#$%
login
line vty 5 15
password !@#$%
login
!
!
end

2950#

文章录入:csh    责任编辑:csh

(0)

相关推荐

  • Cisco Catalyst 2950 配置-实现端口与IP的绑定

    在Cisco catalyst 2950交换机上,通过配置extended ACL来实现端口与IP的绑定.配置如下: 2950#show runCurrent configuration : 5396 bytes!version 12.1no service padservice timestamps debug uptimeservicetimestamps log uptimeno service password-encryption!hostname 2950!enable secret

  • 解决vue中使用proxy配置不同端口和ip接口问题

    问题描述: 使用vue-cli创建的项目,开发地址是localhost:8080,由于后台开发不同的模块,导致每个模块请求的ip和端口号不一致 例如:http://192.168.10.22:8081  或者 http://192.168.10.30:9999等 解决问题: 在vue.config.js中配置不同的端口号 module.exports = { publicPath: process.env.NODE_ENV === 'production' ? './' : '/', devSe

  • Nginx配置基于多域名、端口、IP的虚拟主机

    1.类型介绍 1.1 基于域名的虚拟主机 所谓基于域名的虚拟主机,意思就是通过不同的域名区分不同的虚拟主机,基于域名的虚拟主机是企业应用最广的虚拟主机类型,几乎所有对外提供服务的网站使用的都是基于域名的主机,例如www.test1.com www.test2.com等 1.2 基于端口的虚拟主机 同理,所谓基于端口的虚拟主机,意思就是通过不同的端口来区分不同的虚拟主机,此类虚拟主机对应的企业应用主要为公司内部的网站,例如:一些不希望直接对外提供用户访问的网站后台等,访问基于端口的虚拟主机,地址里

  • CISCO路由器初始配置简介

    很多初学路由器知识的网友对路由器的初始配置可能感到很陌生,本人在初学时也很困惑,因为一下出来很多提问不知如何是好,下面将最近刚调试的一台CISCO3640的初始配置整理出来与各位网友交流,如有疏漏之处,还请大家指正. 1.用CISCO随机带CONSOLE线,一端连在CISCO路由器的CONSOLE口,一端连在计算机的COM口. 2.打开电脑,启动超级终端.为您的连接取个名字,比如CISCO_SETUP,下一步选定连接时用COM1,下一步选定第秒位数9600,数据位8,奇偶校验无,停止位1,数据流

  • Cisco路由器上配置WRED的必要性

    Cisco路由器上配置WRED的必要性 尽管队列提供VoIP QoS的拥塞管理 ,仍需要一些提供拥塞规避的机制,像是WRED.特别的,WRED可以防止输出队列达到极限值,这将导致所有输入数据包的丢失.本文来自于Informit,论述了在Cisco路由器上配置WRED的必要性. 请回忆一下在你早期的网络技术学习中的内容--传输控制协议(TCP)的窗口(windowing)是如何工作的.发送者发送一个信息段,如果发送者收到接收者发出的成功的应答,则它再发送两个信息段(即,两个"窗口大小")

  • Cisco Catalyst 6500为何一统思科

    注:网络升级不能仅仅关注在性能的提升,因为速度给IT部门顶多带来一时的快感--思科的IT部门在升级局域网时更多考虑了其他因素,比如管理.维护.备件-- 在很多情况下,思科都是首先设法解决自己所遇到的困难,设计出相应的解决方案.在思科IT团队对这些解决方案进行了测试和部署之后,思科才会将它们用于客户的网络.过去,在需要扩建网络时,思科IT团队都会安装当时最合适的--往往也是最新的--设备.通常,这些设备不仅对于客户来说是全新的,  甚至对于IT团队来说也是如此.随着时间的发展,位于圣何塞的思科总部

  • Cisco路由器的配置寄存器

    [摘要]很多人对cisco路由器的配置寄存器并不关心,也不知道其真正用途,本身对配置寄存器的参数配置也超出了一般网络维护人员的要求.但是,寄存器的配置参数与cisco路由器升级.密码恢复等操作密切相关,对于高级网络管理和维护人员 ,是必须了解的.本文介绍配置寄存器的用途以及相应参数的设置,并详细介绍了不同处理器的路由器密码恢复过程. [关键字]cisco路由器 寄存器 密码恢复 启动次序 工作模式 1. 前言配置寄存器是一个16位的虚拟寄存器,用于指定路由器启动的次序.中断参数和设置控制台波特率

  • 基于域名、端口和IP搭建nginx虚拟主机

    nginx支持的虚拟主机有三种 1.基于域名的虚拟主机 2.基于IP的虚拟主机 3.基于端口的虚拟主机 一.基于域名构建 1.编译安装nginx服务 2.配置DNS域名解析服务 3.配置虚拟主机 a.创建自测网页 [root@localhost named]# cd [root@localhost ~]# mkdir -p /var/www/html/kgc [root@localhost ~]# mkdir -p /var/www/html/accp [root@localhost ~]# l

  • kvm虚拟机配置NAT端口转发的实现方法

    目录 1. 概述 2. iptables创建规则 3. 查看和清除 4. 一些别的问题 1. 概述 在内网一台物理机部署了kvm虚拟化环境.为了避免虚拟机的IP地址和内网网段冲突,kvm采用的是NAT模式,而非桥接模式.因此在本地访问kvm虚拟机时,必须用物理机来实现转发,才能登录到虚拟机.而kvm的转发,需要使用Linux的iptables工具来实现 2. iptables创建规则 先创建虚拟机,比如创建一台虚拟机node98,其ip地址是192.168.80.98,我想在本地访问node98

  • 详解VMware中CentOS配置多网卡多IP

    一,配置第二块网卡 1) <CentOS配置网络>(http://www.jb51.net/os/RedHat/86265.html):讲解了怎么配置eth0.这一篇讲解在虚拟机中配置eth1. 2)首先给eth0:192.168.142.130的虚拟机,添加第二块网卡设备.选中虚拟机,右键设置,添加网络适配器. 3)配置.将eth1配置成为内网ip:10.107.1.130. # vi /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1

随机推荐