配置通過802.1X認證控制有線終端訪問網絡

rule 1 permit ip destination 192.168.102.100 0
rule 2 deny ip
#
aaa
authentication-scheme abc
authentication-mode radius
accounting-scheme acco1
accounting-mode radius
accounting realtime 15
domain isp
authentication-scheme abc
accounting-scheme acco1
radius-server rd1
#
interface Vlanif100
ip address 192.168.10.10 255.255.255.0
#
interface Vlanif200
ip address 192.168.200.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 200
authentication dot1x
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 200
authentication dot1x
#
interface GigabitEthernet0/0/6
port link-type trunk
port trunk allow-pass vlan 100
#
ip route-static 192.168.100.0 255.255.255.0 192.168.10.11
ip route-static 192.168.102.0 255.255.255.0 192.168.10.11
#
return

  • SwitchC的配置文件

    #
    sysname SwitchC
    #
    vlan batch 200
    #
    l2protocol-tunnel user-defined-protocol 802.1x protocol-mac 0180-c200-0003 group-mac 0100-0000-0002
    #
    interface GigabitEthernet0/0/1
    port link-type access
    port default vlan 200
    l2protocol-tunnel user-defined-protocol 802.1x enable
    #
    interface GigabitEthernet0/0/2
    port link-type access
    port default vlan 200
    l2protocol-tunnel user-defined-protocol 802.1x enable
    #
    interface GigabitEthernet0/0/3
    port link-type trunk
    port trunk allow-pass vlan 200
    l2protocol-tunnel user-defined-protocol 802.1x enable
    #
    return
