SW1
interface Ethernet0/0/1 //进入接口
port link-type access //设置接口范例
port default vlan 10 //该端口指定的vlan
interface Ethernet0/0/2
port link-type access
port default vlan 20
interface Ethernet0/0/3
port link-type access
port default vlan 30
SW2
interface Ethernet0/0/1
port link-type access
port default vlan 10
interface Ethernet0/0/2
port link-type access
port default vlan 20
interface Ethernet0/0/3
port link-type access
port default vlan 30
interface Ethernet0/0/4
port link-type access
port default vlan 88
SW3
interface GigabitEthernet 0/0/4
port link-type access
port default vlan 40
interface GigabitEthernet 0/0/3
port link-type access
port default vlan 50
4、设置接口范例
SW3
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 30 //答应通过的vlan
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20 30 88
SW1
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 30
SW2
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20 30 88
5、规划ip地址
dhcp enable
ip pool xiaoshou //创建地址池名
gateway-list 192.168.10.254
network 192.168.10.0 mask 255.255.255.0
dns-list 8.8.8.8
ip pool shichang
gateway-list 192.168.20.254
network 192.168.20.0 mask 255.255.255.0
dns-list 8.8.8.8
ip pool chanpin
gateway-list 192.168.30.254
network 192.168.30.0 mask 255.255.255.0
dns-list 8.8.8.8
interface Vlanif10
ip address 192.168.10.254 255.255.255.0
dhcp select global //分配地址池的地址
interface Vlanif20
ip address 192.168.20.254 255.255.255.0
dhcp select global
interface Vlanif30
ip address 192.168.30.254 255.255.255.0
dhcp select global
在pc上设置为dhcp并应用
检察获取的ip
如今就已经可以ping通其他vlan了
为了捧臭脚给老板的ip设一个192.168.88.88招财的静态ip,也是可以访问其他vlan的
8、防火墙设置接口(路由器可以代替)
FW
interface GigabitEthernet0/0/3
ip address 192.168.50.1 255.255.255.0
interface GigabitEthernet0/0/1
ip address 202.1.1.1 255.255.255.0
9、分别接口地区
FW
firewall zone trust
add interface GigabitEthernet0/0/3
firewall zone untrust
add interface GigabitEthernet0/0/1
10、设置策略