{"id":14031,"date":"2016-09-21T06:00:00","date_gmt":"2016-09-20T22:00:00","guid":{"rendered":"http:\/\/blog.pmail.idv.tw\/?p=14031"},"modified":"2016-09-21T06:00:00","modified_gmt":"2016-09-20T22:00:00","slug":"%e8%bf%91%e6%9c%9f%e5%b7%a5%e4%bd%9c%e7%ad%86%e8%a8%98%ef%bc%91cisco-l3-%e8%a8%ad%e5%ae%9a-and-ip-%e8%a6%8f%e5%8a%83","status":"publish","type":"post","link":"https:\/\/blog.pmail.idv.tw\/?p=14031","title":{"rendered":"\u8fd1\u671f\u5de5\u4f5c\u7b46\u8a18(\uff11)Cisco L3 \u8a2d\u5b9a and ip \u898f\u5283"},"content":{"rendered":"<p>\u6700\u8fd1\u516c\u53f8\u4f75\u8cfc\u67d0\u4e00\u9593\u516c\u53f8\u7684\u4e00\u500b\u90e8\u9580\uff0c\u6240\u4ee5\u958b\u59cb\u8981\u505a\u6574\u5408\u7684\u5de5\u4f5c\uff0c\u6211\u5011\u8cb7\u4e0b\u7684\u90e8\u9580\u9084\u662f\u6703\u548c\u539f\u4f86\u516c\u53f8\u5728\u540c\u4e00\u5730\u9ede\u8fa6\u516c\uff0c\u4f46\u662f\u4e3b\u7ba1\u5e0c\u671b\u505a\u5230\u5be6\u9ad4\u5340\u9694\uff0c\u6240\u4ee5\u6703\u5728\u8a72\u6a5f\u6703\u6709\u4e00\u500b\u6a5f\u6ac3\u7d66\u6211\u9019\u908a\u7528\uff0c\u6211\u8981\u8ca0\u8cac\u628a\u7db2\u8def\u76f8\u95dcinfra\u641e\u5b9a\u3002<\/p>\n<p><!--more--><\/p>\n<p>\u5927\u81f4\u4e0a\u6703\u6709\u4e9b\u6771\u897f\u8981\u505a\u8a2d\u5b9a\u6574\u7406\u5982\u4e0b<\/p>\n<p>1. isp \u7dda\u8def\u7533\u8acb<\/p>\n<p>2.SRX 240 HA \u8a2d\u5b9a<\/p>\n<p>3. Cisco L3 \u8a2d\u5b9a (ip \u898f\u5283)<\/p>\n<p>4. cisco AP \u8a2d\u5b9a<\/p>\n<p>5.Hyper-v \u4e3b\u6a5f\u5efa\u7acb<\/p>\n<p>6. DC\u5efa\u7acb<\/p>\n<p>7.ad account \u5efa\u7acb (\u5927\u7d041\u767e\u591a\u4eba)<\/p>\n<p>8.\u7528\u6236\u7aef\u79fb\u8f49<\/p>\n<p>9.e-mail \u79fb\u8f49<\/p>\n<p>10.\u5099\u4efd\u8a2d\u5b9a<\/p>\n<p>\u9019\u525b\u597d\u6703\u662f\u6211\u4e4b\u524d\u985e\u4f3c\u4e4b\u524d\u5728\u9435\u4eba\u8cfd\u7684\u6587\u7ae0 =&gt; mis\u7406\u60f3\u7684it\u57fa\u790e\u5efa\u8a2d<\/p>\n<p>\u7576\u7136\u6703\u6709\u5f88\u591a\u72c0\u6cc1\uff0c\u76ee\u524d\u6211\u5c31\u7576\u4f5c\u7df4\u7fd2\u56e0\u70ba\u6709\u4e9b\u6771\u897f\u6211\u4e5f\u6c92\u78b0\u904e\uff0c\u5728\u9019\u4e00\u6b21\u7684\u904e\u7a0b\u6211\u6703\u628a\u5b83\u505a\u500b\u7b46\u8a18\u3002<\/p>\n<p>\u9996\u5148 isp \u7dda\u8def\u6211\u5011\u662f\u7533\u8acb\u5169\u689d\uff0c\u4e00\u689d\u4e0a\u7db2\u5c08\u7528\uff0c\u53e6\u4e00\u689d\u4e3b\u8981\u662f\u505avpn\u4f7f\u7528<\/p>\n<p>\u7c21\u7565\u7684\u67b6\u69cb\u5716<\/p>\n<p><a href=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2016\/09\/WIS-1.jpg\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" title=\"WIS-1\" style=\"border-top: 0px; border-right: 0px; background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; border-left: 0px; display: inline; padding-right: 0px\" border=\"0\" alt=\"WIS-1\" src=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2016\/09\/WIS-1_thumb.jpg\" width=\"629\" height=\"484\"><\/a><\/p>\n<p>Cisco 3750 \u7db2\u6bb5\u898f\u5283\uff1a<\/p>\n<p>\u6211\u5011\u7684IP\u7db2\u6bb5\u90fd\u662f\u5411\u570b\u5916\u7533\u8acb\uff0c\u6b64\u6b21\u7533\u8acb\u5230\u7684\u662f10.65.112.0\/20 \u9019\u4e00\u6bb5\u5167\u90e8IP<\/p>\n<p>\u4e3b\u8981\u6211\u898f\u756b\u4e86\uff14\u5404vlan\uff0c\u6bcf\u500bvlan \u53ef\u4ee5\u7528IP \u6211\u5011\u6c7a\u5b9a\u767c\u5169\u500b\uff23\u7d045\u767e\u591a\u500b\uff0c\u4ee5\u514d\u5f8c\u7e8c\u4e0d\u5920\u7684\u8981\u518d\u505a\u8abf\u6574\u3002<\/p>\n<p>1. vlan 112 : \u9019\u4e00\u6bb5\u4e3b\u8981\u662f\u7d66\u7db2\u8def\u8a2d\u5099\u53caserver\u7528<\/p>\n<p>10.65.112.0\/23 <\/p>\n<p>10.65.112.1 \u2013 10.65.113.254\u3000<\/p>\n<p>GW : 10.65.113.254<\/p>\n<p>2. vlan 114: \u9019\u500b\u662f\u7528\u6236pc\/NB<\/p>\n<p>10.65.114.0\/23<\/p>\n<p>10.65.114.1 \u2013 10.65.115.254<\/p>\n<p>GW : 10.65.115.254<\/p>\n<p>3.vlan 126 : ip phone \u7db2\u6bb5<\/p>\n<p>10.65.126.0\/23<\/p>\n<p> 10.65.126.1 \u2013 10.65.127.254<\/p>\n<p>GW : 10.65.127.254<\/p>\n<p>4. vlan 108 : wifi \u5982\u624b\u6a5f \u3001\u5e73\u7248<\/p>\n<p> 192.168.108.0\/23<br \/>192.168.108.1 \u2013192.168.109.254<br \/>GW : 192.168.109.254<\/p>\n<p>\u5728cisco \u7684\u8a2d\u5b9a\u5982\u4e0b<\/p>\n<p>interface Vlan108<br \/> description wi-fi <br \/> ip address 192.168.109.254&nbsp; 255.255.254.0<br \/> ip access-group permit_guest in<br \/> ip helper-address 10.65.112.3<\/p>\n<p>interface Vlan112<br \/> description for Server Newtork subnet<br \/> ip address 10.65.113.254&nbsp; 255.255.254.0<br \/>!<br \/>interface Vlan114<br \/> description for user access vlan<br \/> ip address 10.65.115.254&nbsp; 255.255.254.0<br \/> ip helper-address 10.65.112.3<br \/>!<br \/>interface Vlan126<br \/> description for ip phone subnet<br \/> ip address 10.65.127.254&nbsp; 255.255.254.0<br \/> ip helper-address 10.65.112.3<\/p>\n<p>ACL&nbsp; \u90e8\u5206\u4e3b\u8981\u662f\u6a94wifi \u7528\u6236\u7121\u6cd5\u9023\u6211\u7684\u5167\u90e8\u7db2\u6bb5<\/p>\n<p>ip access-list extended permit_guest<br \/> permit udp any host 10.65.112.3 eq bootpc<br \/> permit udp any host 10.65.112.3 eq bootps<br \/> deny&nbsp;&nbsp; ip 192.168.108.0 0.0.1.255&nbsp; 10.0.0.0 0.255.255.255<br \/> permit ip any any<\/p>\n<p>\u6700\u5f8c\u5c31\u662f\u8def\u7531<\/p>\n<p>\u4e0a\u7db2\u5c31\u662f\u90fd\u5f80fw\u8d70\uff0cfw \u898f\u5283\u7684\uff29\uff30\u5c31\u662f10.65.113.253<\/p>\n<p>ip route 0.0.0.0 0.0.0.0 10.65.113.253<\/p>\n<div class=\"21cd169d3c0f71e95b84db320302cb4a\" data-index=\"1\" style=\"float: right; margin:10px 0 10px 10px;\">\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-8711325745898650\"\r\n     crossorigin=\"anonymous\"><\/script>\n<\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>\u6700\u8fd1\u516c\u53f8\u4f75\u8cfc\u67d0\u4e00\u9593\u516c\u53f8\u7684\u4e00\u500b\u90e8\u9580\uff0c\u6240\u4ee5\u958b\u59cb\u8981\u505a\u6574\u5408\u7684\u5de5\u4f5c\uff0c\u6211\u5011\u8cb7\u4e0b\u7684\u90e8\u9580\u9084\u662f\u6703\u548c &hellip; <a href=\"https:\/\/blog.pmail.idv.tw\/?p=14031\">\u95b1\u8b80\u5168\u6587 <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[49,138],"tags":[],"class_list":["post-14031","post","type-post","status-publish","format-standard","hentry","category-cisco","category-work"],"_links":{"self":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/14031","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14031"}],"version-history":[{"count":0,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/14031\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14031"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14031"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14031"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}