Configuring Telnet on the core switch
[SW1]telnet server enable
[SW1]aaa
[SW1-aaa]local-user hcip privilege level 3 password cipher 123
Info: Add a new user.
[SW1-aaa]display this
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user hcip password cipher #*C>*$C`S!INZPO3JBXBHA!!
local-user hcip privilege level 3
local-user admin password simple admin
local-user admin service-type http
#
return
[SW1-aaa]local-user hcip ?
access-limit Set access limit of user(s)
ftp-directory Set user(s) FTP directory permitted
idle-timeout Set the timeout period for terminal user(s)
password Set password
privilege Set admin user(s) level
service-type Service types for authorized user(s)
state Activate/Block the user(s)
[SW1-aaa]local-user hcip service-type telnet
[SW1]user-interface vty 0 4 ?
<cr>
[SW1]user-interface vty 0 4
[SW1-ui-vty0-4]authentication-mode aaa
Testing from a virtual PC
<pc>telnet 192.168.254.2
Trying 192.168.254.2 ...
Press CTRL+K to abort
Connected to 192.168.254.2 ...
Login authentication
Username:aaa
Info: The connection was closed by the remote host.
<pc>
<pc>telnet 192.168.254.2
Trying 192.168.254.2 ...
Press CTRL+K to abort
Connected to 192.168.254.2 ...
Login authentication
Username:hcip
Password:
Info: The max number of VTY users is 5, and the number
of current VTY users on line is 1.
The current login time is 2023-04-14 19:51:41.
<SW1>
Configuring the management-traffic gateway on the core switch
[SW1]vlan 999
[SW1-vlan999]quit
[SW1]int vlanif 999
[SW1-Vlanif999]ip add 192.168.253.1 255.255.255.0
[SW1-Vlanif999]
Configuring the management-traffic IP on the access switch
[SW2]vlan 999
[SW2-vlan999]quit
[SW2]int vlanif 999
[SW2-Vlanif999]ip add 192.168.253.2 255.255.255.0
[SW2-Vlanif999]quit
[SW2]ip route-static 0.0.0.0 0 192.168.253.1 #### Key step: route for the return traffic
[SW2]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 3
Interface IP Address/Mask Physical Protocol
MEth0/0/1 unassigned down down
NULL0 unassigned up up(s)
Vlanif1 unassigned up down
Vlanif200 unassigned up down
Vlanif999 192.168.253.2/24 up up
------------------------Configuring the remote-access user
[SW2]aaa
[SW2-aaa]local-user hcip privilege level 3 password cipher 123
Info: Add a new user.
[SW2-aaa]local-user hcip service-type telnet
[SW2]user-interface vty 0 4
[SW2-ui-vty0-4]authentication-mode aaa
Logging in to the access switch from the simulated PC
<pc>telnet 192.168.253.2
Trying 192.168.253.2 ...
Press CTRL+K to abort
Connected to 192.168.253.2 ...
Login authentication
Username:hcip
Password:
Info: The max number of VTY users is 5, and the number
of current VTY users on line is 1.
The current login time is 2023-04-14 20:10:24.
<SW2>dis ip in
<SW2>dis ip interface br
<SW2>dis ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 2
The number of interface that is DOWN in Protocol is 3
Interface IP Address/Mask Physical Protocol
MEth0/0/1 unassigned down down
NULL0 unassigned up up(s)
Vlanif1 unassigned up down
Vlanif200 unassigned up down
Vlanif999 192.168.253.2/24 up up
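
An added example, not part of the original notes: a small Python check that reads configuration text like the `display this` output above and flags the cleartext-exposure points in this setup (Telnet enabled, a `password simple` entry, a level-3 user allowed to log in over Telnet). The rule names, the level threshold and the sample config are constructed for illustration.

```python
import re

# Constructed sample condensed from the SW1 session above (ciphertext replaced
# by a placeholder); not output captured from a real device.
SAMPLE_CONFIG = """\
telnet server enable
aaa
local-user hcip password cipher CONSTRUCTED-CIPHERTEXT
local-user hcip privilege level 3
local-user hcip service-type telnet
local-user admin password simple admin
local-user admin service-type http
user-interface vty 0 4
authentication-mode aaa
"""

USER_RE = re.compile(r"^local-user (\S+) (.+)$")
MGMT_LEVEL = 3  # assumption for this example: level 3 and above is "privileged"


def audit(config_text):
    """Return sorted (rule, subject) findings; rule names are hypothetical."""
    findings, users = set(), {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "telnet server enable":
            findings.add(("telnet-server-enabled", "global"))
        m = USER_RE.match(line)
        if not m:
            continue
        name, rest = m.groups()
        # A user with no explicit level is treated as level 0 (assumption).
        user = users.setdefault(name, {"level": 0, "services": set()})
        # Attributes may share one line, as in the command typed on the page.
        if re.search(r"\bpassword simple\b", rest):
            findings.add(("cleartext-stored-password", name))
        level = re.search(r"\bprivilege level (\d+)", rest)
        if level:
            user["level"] = int(level.group(1))
        service = re.search(r"\bservice-type (.+)$", rest)
        if service:
            user["services"].update(service.group(1).split())
    for name, user in users.items():
        if "telnet" in user["services"]:
            findings.add(("telnet-login-allowed", name))
            if user["level"] >= MGMT_LEVEL:
                findings.add(("privileged-user-over-telnet", name))
    return sorted(findings)


if __name__ == "__main__":
    for rule, subject in audit(SAMPLE_CONFIG):
        print(f"{rule}: {subject}")
```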