ensp模拟搭建典型中小型企业网架构（附详细步骤+命令）

06-29 1035阅读

实验步骤

拓扑图

1、规划vlan

xiaoshou vlan10

shichang vlan20

chanpin vlan30

server vlan40

connect vlan50

boss vlan88

2、配置vlan

SW3

vlan 10 //创建vlan

description xiaoshou //描述

vlan 20

description shicahng

vlan 30

description chanpin

vlan 88

description boss

vlan 40

description server

vlan 50

description connect

SW1

vlan 10

description xiaoshou

vlan 20

description shicahng

vlan 30

description chanpin

SW2

vlan 10

description xiaoshou

vlan 20

description shicahng

vlan 30

description chanpin

vlan 88

description boss

3、接口划分vlan

SW1

interface Ethernet0/0/1 //进入接口

port link-type access //配置接口类型

port default vlan 10 //该端口指定的vlan

interface Ethernet0/0/2

port link-type access

port default vlan 20

interface Ethernet0/0/3

port link-type access

port default vlan 30

SW2

interface Ethernet0/0/1

port link-type access

port default vlan 10

interface Ethernet0/0/2

port link-type access

port default vlan 20

interface Ethernet0/0/3

port link-type access

port default vlan 30

interface Ethernet0/0/4

port link-type access

port default vlan 88

SW3

interface GigabitEthernet 0/0/4

port link-type access

port default vlan 40

interface GigabitEthernet 0/0/3

port link-type access

port default vlan 50

4、配置接口类型

SW3

interface GigabitEthernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 20 30 //允许通过的vlan

interface GigabitEthernet0/0/2

port link-type trunk

port trunk allow-pass vlan 10 20 30 88

SW1

interface GigabitEthernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 20 30

SW2

interface GigabitEthernet0/0/2

port link-type trunk

port trunk allow-pass vlan 10 20 30 88

5、规划ip地址

vlan10 ---- 192.168.10.0/24

vlan20 ---- 192.168.20.0/24

vlan30 ---- 192.168.30.0/24

vlan40 ---- 192.168.40.0/24

vlan50 ---- 192.168.50.0/24

vlan88 ---- 192.168.88.0/24

svi相当于给每个vlan配置一个逻辑ip

ip基本上都是做vlan的网关

6、配置网段

SW3

interface Vlanif10 //进入vlan10的接口

ip address 192.168.10.254 255.255.255.0

interface Vlanif20

ip address 192.168.20.254 255.255.255.0

interface Vlanif30

ip address 192.168.30.254 255.255.255.0

interface Vlanif40

ip address 192.168.40.254 255.255.255.0

interface Vlanif50

ip address 192.168.50.254 255.255.255.0

interface Vlanif88

ip address 192.168.88.254 255.255.255.0

7、配置DHCP

SW3当作DHCP 服务器

xiaoshou shichang chanpin

dhcp分配ip地址

每个vlan 对应一个网段

SW3

dhcp enable

ip pool xiaoshou //创建地址池名

gateway-list 192.168.10.254

network 192.168.10.0 mask 255.255.255.0

dns-list 8.8.8.8

ip pool shichang

gateway-list 192.168.20.254

network 192.168.20.0 mask 255.255.255.0

dns-list 8.8.8.8

ip pool chanpin

gateway-list 192.168.30.254

network 192.168.30.0 mask 255.255.255.0

dns-list 8.8.8.8

interface Vlanif10

ip address 192.168.10.254 255.255.255.0

dhcp select global //分配地址池的地址

interface Vlanif20

ip address 192.168.20.254 255.255.255.0

dhcp select global

interface Vlanif30

ip address 192.168.30.254 255.255.255.0

dhcp select global

在pc上设置为dhcp并应用

查看获取的ip

现在就已经可以ping通其他vlan了

为了拍马屁给老板的ip设一个192.168.88.88招财的静态ip，也是可以访问其他vlan的

8、防火墙配置接口（路由器可以代替）

interface GigabitEthernet0/0/3

ip address 192.168.50.1 255.255.255.0

interface GigabitEthernet0/0/1

ip address 202.1.1.1 255.255.255.0

9、划分接口区域

firewall zone trust

add interface GigabitEthernet0/0/3

firewall zone untrust

add interface GigabitEthernet0/0/1

10、配置策略

policy interzone trust untrust outbound

policy 1

action permit

policy source 192.168.0.0 mask 16

11、配置nat

nat-policy interzone trust untrust outbound

policy 1

action source-nat

policy source 192.168.0.0 mask 16

easy-ip GigabitEthernet0/0/1

这个时候还是访问不了外网的因为没有路由

12、配置路由

SW3

ip route-static 0.0.0.0 0.0.0.0 192.168.50.1

ip route-static 192.168.0.0 255.255.0.0 192.168.50.254

配置完路由后就可以访问外网了

到此实验结束！

如有需要ensp安装包的可以评论区留言或者私信。

VPS购买请点击我

ensp模拟搭建典型中小型企业网架构（附详细步骤+命令）

拓扑图

1、规划vlan

2、配置vlan

3、接口划分vlan

4、配置接口类型

5、规划ip地址

6、配置网段

7、配置DHCP

8、防火墙配置接口（路由器可以代替）

10、配置策略

11、配置nat

12、配置路由

相关阅读

不知道不知道为什么我的心？

为什么一上课就犯困？

纹身为什么会后悔？

为什么爱会让人变残缺？

目录[+]