Network topology:
Two firewall work in transparent mode interface configuration for the brige, respectively belong to vlan100 and vlan200,
GE.two survivors mouth belongs to truns domain firewall - 1 the VLAN538 core switches GE 0/0/27 port; GE 0/3 mouth for untruns domain by operators with link (IP: 172.19.11.150),
Firewall - 2 GE.two survivors mouth belongs to truns domain the VLAN638 0/0 of GE/28 core switch port; GE 0/3 mouth belongs to untruns domain operators backup link (IP: 172.19.12.150),
The core switches vlan538 interface IP: 172.19.11.149
The core switches vlan638 interface IP: 172.19.12.149
Core switches vlan4 interface IP: 10.11.55.254/24 and 10.11.66.254/24, vlan4 access terminals, terminal IP: 10.11.55.0/24 GW: 10.11.55.254; 10.11.66.0/24 GW: 10.11.66.254
Core switch configuration file:
& lt; UYX_S7503E & gt; Dis cu
#
Version 5.20, the Release of 6616 p05
#
Sysname UYX_S7503E
#
Super password level 3 cipher - MA# A: & lt; ] W7F [R=` & gt; X & amp; the STA!!
#
Domain default enable system
#
The router id 172.20.2.112
#
Telnet server enable
#
LLDP enable
#
Mirroring - group 1 local
#
The switch - mode standard
#
The acl number 4000
Rule 1 deny source MAC 001 - a - a941-3 c88 FFFF FFFF - FFFF
Rule 2 deny source MAC 000 - e - a300-7425 FFFF FFFF - FFFF
Rule 3, deny the source - MAC e468 - a386-0 a29 FFFF FFFF - FFFF
#
Vlan 1
#
Vlan 2
The description UPlink
#
Vlan 4
The description LAN
#
Vlan 5
#
Vlan 6
The description of Internet
#
Vlan 7
The description NetworkManagement
#
Vlan 239
The description RemoteVideoConference
#
Vlan 538
#
Vlan 638
#
The radius scheme system
#
Domain system
Access - limit the disable
The state active
Idle - cut disable
The self - service - disable url
#
User - group system
#
Local - user admin
Password cipher.] @ USE=B, 53 Q=^ Q ` MAF4 & lt; 1!!!!!
Authorization - the attribute level 3
Service - type Telnet
#
Interface NULL0
#
Interface LoopBack0
IP address 172.20.2.112 255.255.255.255
#
Interface Vlan - interface2 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- did not use the
The description to_AR4640
IP address 172.19.9.42 255.255.255.248
#
Interface Vlan - interface4
The description to_lan
IP address 10.11.55.254 255.255.255.0
IP address 10.11.66.254 255.255.255.0 sub
#
Interface Vlan - interface5 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
video meetingThe description to_localvideo conference
IP address 10.11.254.169 255.255.255.248
#
Interface Vlan - interface6 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- did not use the
The description to_Internet
Shutdown
IP address 172.19.7.150 255.255.255.252
#
Interface Vlan - interface7
IP address 192.168.255.254 255.255.255.0
#
Interface Vlan - interface239 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
video meetingThe description to_RemoteVideoConference
IP address 172.19.2.149 255.255.255.252
#
Interface Vlan - interface538 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- main use link
IP address 172.19.11.149 255.255.255.252
Ospf network -type broadcast
#
Interface Vlan - interface638 -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
backup linkIP address 172.19.12.149 255.255.255.252
Ospf cost 20
Ospf network -type p2p
#
Interface GigabitEthernet0/0/1
The port link - mode bridge,
The port link -type trunk
Undo the port trunk permit vlan 1
The port trunk permit vlan 4 7
Shutdown
#
Interface GigabitEthernet0/.two survivors
The port link - mode bridge,
Shutdown
#
Interface GigabitEthernet0/0/3
The port link - mode bridge,
Shutdown
#
Interface GigabitEthernet0/0/4
The port link - mode bridge,
Shutdown
#
Interface GigabitEthernet0/0/5
The port link - mode bridge,
The port link -type trunk
The port trunk permit vlan all
Mirroring - group 1 mirroring - port both
DHCP snooping - trust
#
Interface GigabitEthernet0/0/6
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 mirroring - port both
#
Interface GigabitEthernet0/0/7
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 mirroring - port both
#
Interface GigabitEthernet0/0/8
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 mirroring - port both
#
Interface GigabitEthernet0/0/9
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 monitor - port
#
Interface GigabitEthernet0/0/10
The port link - mode bridge,
The port access vlan 4
#
Interface GigabitEthernet0/0/11
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 mirroring - port both
#
Interface GigabitEthernet0/0/12
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 mirroring - port both
#
Interface GigabitEthernet0/0/13
The port link - mode bridge,
The port access vlan 4
Mirroring - group 1 mirroring - port both
#
Interface GigabitEthernet0/0/14
The port link - mode bridge,
The port access vlan 4
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull