【正文】 54094cisco6506（enable）set trunk 2/6 nonegotiate isl 11005,10254094cisco6506（enable）set trunk 2/7 nonegotiate isl 11005,10254094cisco6506（enable）set trunk 2/8 nonegotiate isl 11005,10254094說明：設置6506的第二模塊18口為主干模式，并采用ISL協(xié)議并不可磋商。 配置6506交換機VLAN間的訪問規(guī)則 當數(shù)據(jù)在VLAN間路由時，出于對各獨立系統(tǒng)的安全考慮，在各VLAN路由端口上應用訪問列表，使VLAN之間的數(shù)據(jù)按規(guī)則通過。其中SNMP協(xié)議需要有一個COMMUNITY NAME控制對交換機的讀寫，在本次工程中，我們定義了以下的COMMUNITY NAME：READWRITE：PRIVATEREADONLY：PUBLIC以下是具體配置命令：cisco6506enablecisco6506(enable)set cdp enable說明：啟用6506交換機的CDP協(xié)議。啟動生成樹cisco6506(enable)set spantree enable all 配置Catalyst 3500的安裝過程 Catalyst 3500系列是CISCO公司的提供1000兆上行端口的桌面交換機，本次工程中包括3臺catalyst3524交換機和2臺catalyst3548交換機，配置過程完全一樣。將CONSOLE 口連接到PC的串口上，運行Hyper Terminal 程序從CONSOLE口進入PIX系統(tǒng)；此時系統(tǒng)提示pixfirewall。 一、CiscoWorks的安裝選取INSTALL二、選用integrate ciscoworks with whatsup gold三、選取需要管理的網(wǎng)絡設備四、完成 設備模擬連接調(diào)試階段 設備安裝階當單機調(diào)試完畢后，就進入系統(tǒng)連調(diào)階段。 設備安裝階段 在所有的設備模擬調(diào)試完畢后，就進行設備的安裝工作。 系統(tǒng)連調(diào)階段 在所有的網(wǎng)絡設備都安裝到位以后，包括所有的主機放置到DMZ區(qū)后。對處INTERNET服務的WEB、DNS、SMTP和POP3服務器接入PIX服務器的DMZ段，用于保護應有服務器的安全和對內(nèi)外提供服務。第四章、具體設備配置實例 Catalyst 65066506交換機模塊配置文檔begin! ***** NONDEFAULT CONFIGURATION *****!!time: Wed Oct 31 2001, 04:00:50 !version (2)!set password $2$ohhi$Pka/lgvq4acxpVc0ecW660set enablepass $2$F1/Q$NKbNCtkZmFVg2HO7PIhZZ/!errordetectionset errordetection portcounter enable!systemset system name cisco6506!!vtpset vtp domain hzdzgxyset vtp passwd ciscoset vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 10 name dangzheng type ethernet mtu 1500 said 100010 state active set vlan 11 name renshi type ethernet mtu 1500 said 100011 state active set vlan 12 name jiaowu type ethernet mtu 1500 said 100012 state active set vlan 13 name xz_1_west type ethernet mtu 1500 said 100013 state active set vlan 14 name yanjiusheng type ethernet mtu 1500 said 100014 state active set vlan 15 name xuanchuan type ethernet mtu 1500 said 100015 state active set vlan 16 name xz_other1 type ethernet mtu 1500 said 100016 state active set vlan 17 name xz_other type ethernet mtu 1500 said 100017 state active set vlan 18 name cad type ethernet mtu 1500 said 100018 state active set vlan 19 name dianjiao type ethernet mtu 1500 said 100019 state active set vlan 20 name puter_center type ethernet mtu 1500 said 100020 state active set vlan 21 name shudent type ethernet mtu 1500 said 100021 state active set vlan 22 name wenli type ethernet mtu 1500 said 100022 state active set vlan 23 name jidian type ethernet mtu 1500 said 100023 state active set vlan 24 name zidonghua type ethernet mtu 1500 said 100024 state active set vlan 25 name caijing type ethernet mtu 1500 said 100025 state active set vlan 26 name guanli type ethernet mtu 1500 said 100026 state active set vlan 27 name jisuanji type ethernet mtu 1500 said 100027 state active set vlan 28 name dianzi type ethernet mtu 1500 said 100028 state active set vlan 29 name tongxin type ethernet mtu 1500 said 100029 state active set vlan 30 name xinxi type ethernet mtu 1500 said 100030 state active set vlan 31 name cae type ethernet mtu 1500 said 100031 state active set vlan 32 name sb_other type ethernet mtu 1500 said 100032 state active set vlan 33 name nic_2 type ethernet mtu 1500 said 100033 state active set vlan 34 name chengjiao type ethernet mtu 1500 said 100034 state active set vlan 35 name lib type ethernet mtu 1500 said 100035 state active set vlan 36 name lib_1 type ethernet mtu 1500 said 100036 state active set vlan 37 name nic_1 type ethernet mtu 1500 said 100037 state active set vlan 38 name proxy type ethernet mtu 1500 said 100038 state active set vlan 39 name puter_1 type ethernet mtu 1500 said 100039 state active set vlan 40 name puter_2 type ethernet mtu 1500 said 100040 state active set vlan 41 name puter_3 type ethernet mtu 1500 said 100041 state active set vlan 42 name puter_4 type ethernet mtu 1500 said 100042 state active set vlan 43 name puter_5 type ethernet mtu 1500 said 100043 state active set vlan 44 name puter_6 type ethernet mtu 1500 said 100044 state active set vlan 45 name lib_server type ethernet mtu 1500 said 100045 state active set vlan 46 name nic_3 type ethernet mtu 1500 said 100046 state active set vlan 48 name dialup type ethernet mtu 1500 said 100048 state active set vlan 50 name 408 type ethernet mtu 1500 said 100050 state active set vlan 51 name wy type ethernet mtu 1500 said 100051 state active set vlan 999 name cache type ethernet mtu 1500 said 100999 state active set vlan 1002 name fddidefault type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinetdefault type fddinet mtu 1500 said 101004 state active stp ieee set vlan 1005 name trnetdefault type trbrf mtu 1500 said 101005 state active stp ibm set vlan 47set vlan 1003 name tokenringdefault type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 7 stemaxhop 7 backupcrf off !ipset interface sc0 1 set ip route !set boot mandset boot configregister 0x2set boot system flash bootflash:!port channelset port channel 4/4648 15set port channel 1/12 33set port channel 4/28 35set port channel 4/914 36set port channel 4/1522 37set port channel 4/2330 38set port channel 4/3138 39set port channel 4/3945 40set port channel 4/1 75set port channel 2/18 362! default port status is enable!!module 1 : 2port 1000BaseX Supervisorset vlan 34 1/1set vlan 45 1/2set trunk 1/1 off isl 11005,10254094set trunk 1/2 off isl 11005,10254094set port channel 1/12 mode off!module 2 : 8port 1000BaseX Ethernetset udld enable 2/23,2/6,2/8 set trunk 2/1 nonegotiate isl 11005,10254094set trunk 2/2 nonegotiate isl 11005,10254094set trunk 2/3 nonegotiate isl 11005,10254094set trunk 2/4 nonegotiate isl 11005,10254094set trunk 2