正文

路由器

admin
admin V管理员 /0 评论 /537 阅读
0708
此篇文章发布距今已超过1011天,您需要注意文章的内容或图片是否可用!

<LiShuBian-500KV-msr5620>dis cu

#

 version 7.1.064, Release 0809P33

#

 sysname LiShuBian-500KV-msr5620

#

 clock protocol ntp

#

ip vpn-instance vpn-nrt

 route-distinguisher 22000:2

 vpn-target 22000:200 import-extcommunity

 vpn-target 22000:200 export-extcommunity

#

ip vpn-instance vpn-rt

 route-distinguisher 22000:1

 vpn-target 22000:100 import-extcommunity

 vpn-target 22000:100 export-extcommunity

#

 router id 20.2.8.3

#

ospf 1

 area 0.0.0.8

  network 20.2.8.0 0.0.0.255

  network 20.3.8.0 0.0.0.255

#              

 mpls lsr-id 20.2.8.3

#

 password-recovery enable

#

vlan 1

#

mpls ldp

#

controller Cellular2/0/0

#

controller Cellular2/0/1

#

interface Serial2/1/0

 fe1 unframed

 ppp mp MP-group2/0/1 

#

interface Serial2/1/1

 fe1 unframed

 ppp mp MP-group2/0/1 

#

interface Serial2/2/0

 fe1 unframed

 ppp mp MP-group2/0/2 

#

interface Serial2/2/1

 fe1 unframed

 ppp mp MP-group2/0/2 

#

interface MP-group2/0/1

 ip address 20.3.8.2 255.255.255.252

 mpls enable

 mpls ldp enable

#

interface MP-group2/0/2

 ip address 20.3.8.102 255.255.255.252

 mpls enable

 mpls ldp enable

#

interface NULL0

#

interface LoopBack0

 ip address 20.2.8.3 255.255.255.255

#

interface GigabitEthernet2/0/0

 port link-mode route

 combo enable copper

 shutdown

#

interface GigabitEthernet2/0/1

 port link-mode route

 combo enable copper

 shutdown

#

interface GigabitEthernet2/0/2

 port link-mode route

 combo enable copper

 shutdown

#

interface GigabitEthernet2/5/0

 port link-mode route

 description to-VPN-rt

 shutdown

#

interface GigabitEthernet2/5/1

 port link-mode route

 description to-VPN-rt

 ip binding vpn-instance vpn-rt

 ip address 20.100.31.252 255.255.255.0

#              

interface GigabitEthernet2/6/0

 port link-mode route

 description to-VPN-nrt

 ip binding vpn-instance vpn-nrt

 ip address 20.110.31.252 255.255.255.0

#

interface GigabitEthernet2/5/2

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/5/3

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/5/4

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/5/5

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/5/6

 port link-mode bridge

 combo enable copper

 shutdown

#

interface GigabitEthernet2/5/7

 port link-mode bridge

 combo enable copper

 shutdown

#

interface GigabitEthernet2/6/1

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/6/2

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/6/3

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/6/4

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/6/5

 port link-mode bridge

 shutdown

#

interface GigabitEthernet2/6/6

 port link-mode bridge

 combo enable copper

 shutdown

#

interface GigabitEthernet2/6/7

 port link-mode bridge

 combo enable copper

 shutdown

#

interface M-GigabitEthernet0

 shutdown

#

interface Ten-GigabitEthernet2/0/3

 port link-mode route

 shutdown

#              

interface Ten-GigabitEthernet2/0/4

 port link-mode route

 shutdown

#

bgp 22000

 router-id 20.2.8.3

 group JLSD internal

 peer 20.2.8.1 group JLSD

 peer 20.2.8.2 group JLSD

 #

 address-family vpnv4

  peer JLSD enable

 #

 ip vpn-instance vpn-nrt

  #

  address-family ipv4 unicast

   import-route direct

   import-route static

 #

 ip vpn-instance vpn-rt

  #

  address-family ipv4 unicast

   import-route direct

   import-route static

#

 scheduler logfile size 16

#

line class console

 user-role network-admin

#

line class tty

 user-role network-operator

#

line class vty

 user-role network-operator

#

line con 0 1

 authentication-mode scheme

 user-role network-admin

#

line vty 0 63

 authentication-mode scheme

 user-role level-15

 user-role network-operator

 protocol inbound ssh

#              

 info-center loghost source LoopBack0

 info-center loghost 20.254.0.1

#

 snmp-agent

 snmp-agent local-engineid 800063A28038A91C6531A000000001

 snmp-agent community read dbro1234 acl 2000

 snmp-agent community read dbrw1234 acl 2000

 snmp-agent sys-info version v2c v3 

 snmp-agent target-host trap address udp-domain 20.254.0.1 params securityname dbro1234 v2c

 snmp-agent trap enable arp 

#

 ssh server enable

 ssh user admin1234 service-type stelnet authentication-type password

 ssh user user1234 service-type stelnet authentication-type password

 ssh server acl 3000

#

 ntp-service enable

 ntp-service source LoopBack0

 ntp-service unicast-server 20.2.0.1 priority

 ntp-service unicast-server 20.2.0.2

#

acl basic 2000

 description snmp control

 rule 0 permit source 20.254.0.0 0.0.0.255

 rule 100 deny

#

acl advanced 3000

 description ssh control

 rule 0 permit ip source 20.254.0.0 0.0.0.255

 rule 5 permit ip source 20.2.0.0 0.0.0.255

 rule 10 permit ip source 20.3.8.0 0.0.0.3

 rule 15 permit ip source 20.3.8.100 0.0.0.3

 rule 100 deny ip

#

 undo password-control length enable 

 undo password-control composition enable 

 undo password-control complexity user-name check

#

domain system

#

 domain default enable system

#

role name level-0

 description Predefined level-0 role

#

role name level-1

 description Predefined level-1 role

#

role name level-2

 description Predefined level-2 role

#

role name level-3

 description Predefined level-3 role

#

role name level-4

 description Predefined level-4 role

#

role name level-5

 description Predefined level-5 role

#

role name level-6

 description Predefined level-6 role

#

role name level-7

 description Predefined level-7 role

#

role name level-8

 description Predefined level-8 role

#              

role name level-9

 description Predefined level-9 role

#

role name level-10

 description Predefined level-10 role

#

role name level-11

 description Predefined level-11 role

#

role name level-12

 description Predefined level-12 role

#

role name level-13

 description Predefined level-13 role

#

role name level-14

 description Predefined level-14 role

#

user-group system

#

local-user admin1234 class manage

 password hash $h$6$xy5sRHRW08rI4iTA$Q2azao7iGazCLznHTAwr82zWSztZNPYcM1L3qX3KqXE1g55LgD33v+52C7uxTJjMggWLoVeEytnrWJ3cJ7lAeA==

 service-type ssh terminal

 authorization-attribute user-role level-15

 authorization-attribute user-role network-operator

 password-control login-attempt 5 exceed lock-time 10

#

local-user user1234 class manage

 password hash $h$6$NsaC6+AjilXmrG87$qTgvqFpwRrai7hECLDQqOTIiFQF5sSyHeaTpD/10YMGprUtN+l7UxBFQ8PcXtpQvYwEo6tsVr5F9p8yHPIiODQ==

 service-type ssh terminal

 authorization-attribute user-role level-3

 authorization-attribute user-role network-operator

 password-control login-attempt 5 exceed lock-time 10

#

 undo autodeploy url enable

#

return

<LiShuBian-500KV-msr5620> 


宙飒天下