网络安全工程(实验21)用交换机和路由器使处于不同vlan的三台主机通信

 

 

SW1的配置:

sysname sw1

vlan batch 100 200


interface GigabitEthernet0/0/1
port link-type access
port default vlan 100

interface GigabitEthernet0/0/2
port link-type access
port default vlan 200

interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 100 200

SW2的配置:

sysname sw2

vlan batch 100 200

interface Vlanif1
ip address 192.168.17.2 255.255.255.0

interface Vlanif100
ip address 192.168.1.254 255.255.255.0

interface Vlanif200
ip address 192.168.2.254 255.255.255.0

interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100 200

interface GigabitEthernet0/0/2
port link-type access

要去192.168.3.0网段,还需要配置一条默认路由

ip route-static 192.168.3.0 255.255.255.0 192.168.17.1

AR1的配置:

interface GigabitEthernet0/0/0
ip address 192.168.17.1 255.255.255.0


interface GigabitEthernet0/0/1
ip address 192.168.3.254 255.255.255.0


ip route-static 192.168.1.0 255.255.255.0 192.168.17.2
ip route-static 192.168.2.0 255.255.255.0 192.168.17.2

SW3的配置:

sysname sw3

interface GigabitEthernet0/0/1
port link-type access
port default vlan 300

interface GigabitEthernet0/0/2
port link-type access
port default vlan 300

测试:

 

 

 

 

 查看SW2的路由表:

 

 

查AR1的路由表:

 

posted @ 2022-01-25 12:02  Stary_tx  阅读(218)  评论(0)    收藏  举报