Catalyst2950-实现端口与IP绑定

王朝other·作者佚名  2008-05-19
窄屏简体版  字體: |||超大  

在Cisco catalyst 2950交换机上,通过配置extended ACL来实现端口与IP的绑定。

配置如下:

2950#show run

Current configuration : 5396 bytes

!

version 12.1

no service pad

service timestamps debug uptime

servicetimestamps log uptime

no service password-encryption

!

hostname 2950

!

enable secret 5 $1$kJ.v$gF4osmkOwfvOy7vkwI3j/.

!

ip subnet-zero

!

no ip domain-lookup

!

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

spanning-tree uplinkfast

!

interface FastEthernet0/1

switchport access vlan 30

switchport mode access

ip access-group ip1 in

spanning-tree portfast

!

interface FastEthernet0/2

switchport access vlan 30

switchport mode access

ip access-group ip2 in

spanning-tree portfast

!

interface FastEthernet0/3

switchport access vlan 30

switchport mode access

ip access-group ip3 in

spanning-tree portfast

!

interface FastEthernet0/4

switchport access vlan 30

switchport mode access

ip access-group ip4 in

spanning-tree portfast

!

interface FastEthernet0/5

switchport access vlan 30

switchport mode access

ip access-group ip5 in

spanning-tree portfast

!

interface FastEthernet0/6

switchport access vlan 30

switchport mode access

ip access-group ip6 in

spanning-tree portfast

!

interface FastEthernet0/7

switchport access vlan 30

switchport mode access

ip access-group ip7 in

spanning-tree portfast

interface FastEthernet0/8

switchport access vlan 30

switchport mode access

ip access-group ip8 in

spanning-tree portfast

!

interface FastEthernet0/9

switchport access vlan 30

switchport mode access

ip access-group ip9 in

spanning-tree portfast

!

interface FastEthernet0/10

switchport access vlan 30

switchport mode access

ip access-group ip10 in

spanning-tree portfast

!

interface FastEthernet0/11

switchport access vlan 30

switchport mode access

ip access-group ip11 in

spanning-tree portfast

!

interface FastEthernet0/12

switchport access vlan 30

switchport mode access

ip access-group ip12 in

spanning-tree portfast

!

interface FastEthernet0/13

switchport access vlan 30

switchport mode access

ip access-group ip13 in

spanning-tree portfast

!

interface FastEthernet0/14

switchport access vlan 30

switchport mode access

ip access-group ip14 in

spanning-tree portfast

!

interface FastEthernet0/15

switchport access vlan 30

switchport mode access

ip access-group ip15 in

spanning-tree portfast

!

interface FastEthernet0/16

switchport access vlan 30

switchport mode access

ip access-group ip16 in

spanning-tree portfast

!

interface FastEthernet0/17

switchport access vlan 30

switchport mode access

ip access-group ip17 in

spanning-tree portfast

!

interface FastEthernet0/18

switchport access vlan 30

switchport mode access

ip access-group ip18 in

spanning-tree portfast

!

interface FastEthernet0/19

switchport access vlan 30

switchport mode access

ip access-group ip19 in

spanning-tree portfast

!

interface FastEthernet0/20

switchport access vlan 30

switchport mode access

ip access-group ip20 in

spanning-tree portfast

!

interface FastEthernet0/21

switchport access vlan 30

switchport mode access

ip access-group ip21 in

spanning-tree portfast

!

interface FastEthernet0/22

switchport access vlan 30

switchport mode access

ip access-group ip22 in

spanning-tree portfast

!

interface FastEthernet0/23

switchport access vlan 30

switchport mode access

ip access-group ip23 in

spanning-tree portfast

!

interface FastEthernet0/24

switchport access vlan 30

switchport mode access

ip access-group ip24 in

spanning-tree portfast

!

interface GigabitEthernet0/1

switchport mode trunk

!

interface GigabitEthernet0/2

spanning-tree stack-port

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan100

ip address 192.168.100.22 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.100.254

ip http server

!

ip access-list extended ip1

permit ip host 192.168.30.1 any

ip access-list extended ip10

permit ip host 192.168.30.10 any

ip access-list extended ip11

permit ip host 192.168.30.11 any

ip access-list extended ip12

permit ip host 192.168.30.12 any

ip access-list extended ip13

permit ip host 192.168.30.13 any

ip access-list extended ip14

permit ip host 192.168.30.14 any

ip access-list extended ip15

permit ip host 192.168.30.15 any

ip access-list extended ip16

permit ip host 192.168.30.16 any

ip access-list extended ip17

permit ip host 192.168.30.17 any

ip access-list extended ip18

permit ip host 192.168.30.18 any

ip access-list extended ip19

permit ip host 192.168.30.19 any

ip access-list extended ip2

permit ip host 192.168.30.2 any

ip access-list extended ip20

permit ip host 192.168.30.20 any

ip access-list extended ip21

permit ip host 192.168.30.21 any

ip access-list extended ip22

permit ip host 192.168.30.22 any

ip access-list extended ip23

permit ip host 192.168.30.23 any

ip access-list extended ip24

permit ip host 192.168.30.24 any

ip access-list extended ip3

permit ip host 192.168.30.3 any

ip access-list extended ip4

permit ip host 192.168.30.4 any

ip access-list extended ip5

permit ip host 192.168.30.5 any

ip access-list extended ip6

ip access-list extended ip5

permit ip host 192.168.30.5 any

ip access-list extended ip6

permit ip host 192.168.30.6 any

ip access-list extended ip7

permit ip host 192.168.30.7 any

ip access-list extended ip8

permit ip host 192.168.30.8 any

ip access-list extended ip9

permit ip host 192.168.30.9 any

snmp-server community private RO

!

line con 0

line vty 0 4

password !@#$%

login

line vty 5 15

password !@#$%

login

!

!

end

2950#

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航