secpath防火墙dhcp功能的典型配置

《secpath防火墙dhcp功能的典型配置》由会员上传分享，免费在线阅读，更多相关内容在行业资料-天天文库。

1、SecPath防火墙DHCP功能的典型配置一、组网需求：验证SecPath防火墙的DHCPServer和DHCPRelay的功能。二、组网图SecPath100F：版本为SECPATH100F-VRP340-E1605。三、配置步骤1.    DHCP_Server的主要配置#sysnameDHCP_Server#firewallpacket-filterenablefirewallpacket-filterdefaultpermitdhcpserverip-pool2//配置dhcp地址池2ne

2、twork192.168.1.0mask255.255.255.0gateway-list192.168.1.254dns-list202.106.0.20#dhcpserverip-pool10//配置dhcp地址池10network192.168.10.0mask255.255.255.0gateway-list192.168.10.254dns-list202.106.0.20#interfaceEthernet0/0ipaddress172.16.1.1255.255.255.0#fire

3、wallzonetrustaddinterfaceEthernet0/0setpriority85iproute-static192.168.0.0255.255.0.0172.16.1.2//配置去往内网的路由#2.       DHCP_Relay的主要配置#sysnameDHCP_Relay#firewallpacket-filterenablefirewallpacket-filterdefaultpermit#interfaceEthernet1/0ipaddress172.16.1.2

4、255.255.255.0interfaceEthernet1/2.2//创建子接口ipaddress192.168.1.254255.255.255.0iprelayaddress172.16.1.1//配置dhcprelay的地址dhcpselectrelay//启用dhcprelay功能vlan-typedot1qvid2//封装成VLAN2#interfaceEthernet1/2.10//创建子接口ipaddress192.168.10.254255.255.255.0iprelayad

5、dress172.16.1.1//配置dhcprelay的地址dhcpselectrelay//启用dhcprelay功能vlan-typedot1qvid10//封装成VLAN10#firewallzonetrustaddinterfaceEthernet1/2addinterfaceEthernet1/2.2addinterfaceEthernet1/2.10setpriority85#firewallzoneuntrustaddinterfaceEthernet1/0setpriority5

6、#iproute-static0.0.0.00.0.0.0172.16.1.1//配置默认路由#3.       S3526E交换机的主要配置#sysnameS3536E#vlan1#vlan2//创建VLAN2#vlan10//创建VLAN10#interfaceEthernet0/18portaccessvlan2//把端口加入到VLAN2#interfaceEthernet0/20portaccessvlan10//把端口加入到VLAN10#interfaceEthernet0/24port

7、link-typetrunk//把端口设置为Trunkporttrunkpermitvlan1to210#四、配置关键点见注释。