华为2300系列交换机配置
1.配置端口隔离
2.配置telnet且只能192.168.88.1(AC网关)才能访问
3.过滤局域网非法dhcp服务器
不想解释 贴出配置
system-view aaa local-user admin service-type telnet user-interface con 0 user-interface vty 0 4 authentication-mode aaa acl 2222 inbound acl number 2222 rule permit source 192.168.88.1 0.0.0.0 quit dhcp enable interface Vlanif 1 ip address dhcp-alloc undo shutdown quit telnet server enable dhcp enable dhcp snooping enable interface ethernet 0/0/1 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/2 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/3 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/4 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/5 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/6 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/7 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/8 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/9 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/10 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/11 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/12 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/13 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/14 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/15 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/16 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/17 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/18 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/19 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/20 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/21 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/22 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/23 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface ethernet 0/0/24 port-isolate enable dhcp snooping enable dhcp snooping sticky-mac quit interface gigabitethernet 0/0/1 dhcp snooping trusted quit port-isolate mode all
评论