131902994.png

131902695.png

SW1

基本配置:

vlan database

vlan 20

vlan 30

vlan 40

vlan 50

exit   (  创建VLAN)

conf t

int range f0/1 -3

sw tr en dot1q           (重新封装)

sw mode tr                      (开启TK)

int f0/10

no sw

ip add 192.168.10.1 255.255.255.252

no sh

int vlan 20

ip add 192.168.20.1 255.255.255.0

no sh

int vlan 30

ip add 192.168.30.1 255.255.255.0

no sh

int vlan 40

ip add 192.168.40.1 255.255.255.0

no sh

int vlan 50

ip add 192.168.50.1 255.255.255.0

no sh

ip routing             (路由功能)

ip route 0.0.0.0 0.0.0.0 f0/10

access-list 2 deny 192.168.30.0 0.0.0.255

access-list 2 deny 192.168.40.0 0.0.0.255

access-list 2 permit any

int vlan 20

ip access-group 2 out

exit

access-list 3 permit host 192.168.50.2

access-list 3 deny any

username benet password benet.com

line vty 0 4

login local

access-class 3 in

exit

132158550.png

132158686.png

132158365.png

132158364.png

132158730.png

132158392.png

SW2:

基本配置:

vlan database

vlan 20

exit

conf t

int range f0/1 -2

switchport mode access

switchport access vlan 20

int f0/10

switchport mode tr

vtp domain htp.com

vtp password ts299

vtp mode client

132327281.png

132327443.png

132327738.png

SW3:

基本配置:

vlan database

vlan 30

vlan 40

exit

conf t

int f0/1

switchport mode access

switchport access vlan 30

int f0/2

switchport mode access

switchport access vlan 40

int f0/10

switchport mode tr

vtp domain htp.com

vtp password ts299

vtp mode client

132440507.png

132440719.png

132440550.png

SW4:

基本配置:

exit

vlan database

vlan 50

exit

conf t

int f0/2

switchport mode access

switchport access vlan 50

int f0/1

switchport mode tr

vtp domain htp.com

vtp password ts299

vtp mode client

132536465.png

132536639.png

132536653.png

NAT:

基本配置:

conf t

int f0/0

ip add 192.168.10.2 255.255.255.252

no sh

int f0/1

ip add 202.102.12.1 255.255.255.252

no sh

ip route 192.168.0.0 255.255.192.0 f0/0

ip route 0.0.0.0 0.0.0.0 f0/1

access-list 1 permit 192.168.30.0 0.0.0.255

access-list 1 permit 192.168.40.0 0.0.0.255

access-list 1 permit 192.168.50.0 0.0.0.255

access-list 1 deny any

ip nat inside source list 1 interface f0/1

ip nat inside source static tcp 192.168.20.2 80 152.52.25.5 80

ip nat inside source static tcp 192.168.20.3 443 152.52.25.5 443

int f0/0

ip nat inside

int f0/1

ip nat outside

access-list 3 permit host 192.168.50.2

access-list 3 deny any

username benet password benet.com

line vty 0 4

login local

access-class 3 in

exit

132641880.png

132641754.png

132641104.png

ISP:

基本配置:

Conf t

int f0/1

ip add 202.102.12.2 255.255.255.252

no sh

int f0/0

ip add 211.12.10.1 255.255.255.0

no sh

ip route 152.52.25.0 255.255.255.0 f0/1

132741135.png

   图片为验证