核心交换机3600
sysname HW3600
vlan 1
vlan 1001
description "fanghuoqiang"
vlan 1005
description "server-8F"
vlan 2811
description "jijianwei-1F"
vlan 2812
description "xinfangju-1F"
vlan 2813
description "qitan-1F"
vlan 2821
description "nonggongwei-2F"
vlan 2822
description "zhengxie-2F"
vlan 2823
description "qita-2F"
vlan 2831
description "renda-3F"
vlan 2832
description "qita-3F"
vlan 2841
description "qita-4F"
vlan 2851
description "shizhengfu-5F"
vlan 2861
description "shiwei-6F"
vlan 2871
description "zuzhibu-7F"
vlan 2881
description "kejiju-8F"
vlan 2882
description "zhengfawei-8F"
vlan 2883
description "qita-8F"
vlan 2884
description "xinxizhongxin-8F"
interface vlan-interface1001
ipaddress 10.10.20.10 255.255.255.0
interface vlan-interface1005
ipaddress 192.168.133.254 255.255.255.0
interface vlan-interface2811
ipaddress 192.168.1.254 255.255.255.0
interface vlan-interface2812
ipaddress 192.168.2.254 255.255.255.0
interface vlan-interface2813
ipaddress 192.168.3.254 255.255.255.0
interface vlan-interface2821
ipaddress 192.168.4.254 255.255.255.0
interface vlan-interface2822
ipaddress 192.168.5.254 255.255.255.0
interface vlan-interface2823
ipaddress 192.168.6.254 255.255.255.0
interface vlan-interface2831
ipaddress 192.168.7.254 255.255.255.0
interface vlan-interface2832
ipaddress 192.168.8.254 255.255.255.0
interface vlan-interface2841
ipaddress 192.168.9.254 255.255.255.0
interface vlan-interface2851
ipaddress 192.168.10.254 255.255.255.0
interface vlan-interface2861
ipaddress 192.168.11.254 255.255.255.0
interface vlan-interface2871
ipaddress 192.168.12.254 255.255.255.0
interface vlan-interface2881
ipaddress 192.168.13.254 255.255.255.0
interface vlan-interface2882
ipaddress 192.168.14.254 255.255.255.0
interface vlan-interface2883
ipaddress 192.168.15.254 255.255.255.0
interface vlan-interface2884
ipaddress 192.168.18.254 255.255.255.0
interface ethernet 1/0/1
port access vlan 2811
interface ethernet 1/0/2
port access vlan 2812
interface ethernet 1/0/3
port access vlan 2813
interface ethernet 1/0/4
port access vlan 2821
interface ethernet 1/0/5
port access vlan 2822
interface ethernet 1/0/6
port access vlan 2823
interface ethernet 1/0/7
port access vlan 2831
interface ethernet 1/0/8
port access vlan 2832
interface ethernet 1/0/9
port access vlan 2841
interface ethernet 1/0/10
port access vlan 2851
interface ethernet 1/0/11
port access vlan 2861
interface ethernet 1/0/12
port access vlan 2871
interface ethernet 1/0/13
port access vlan 2881
interface ethernet 1/0/14
port access vlan 2882
interface ethernet 1/0/15
port access vlan 2883
interface ethernet 1/0/16
port access vlan 2884
interface ethernet 1/0/17
port access vlan 1005
interface ethernet 1/0/18
port access vlan 1005
interface ethernet 1/0/19
port access vlan 1005
interface ethernet 1/0/20
port access vlan 1005
interface ethernet 1/0/21
port access vlan 1005
interface ethernet 1/0/22
port access vlan 1005
interface ethernet 1/0/23
port access vlan 1005
interface gigabitethernet 1/1/1
interface gigabitethernet 1/1/2
interface gigabitethernet 1/1/3
port access vlan 1001
interface gigabitethernet 1/1/4
port access vlan 1005
interface null0
iproute-static 0.0.0.0 0.0.0.0 10.10.20.20
iproute-static 3.0.0.0 255.0.0.0 192.168.133.8
iproute-static 66.0.0.0 255.0.0.0 192.168.133.8
iproute-static 68.0.0.0 255.0.0.0 192.168.133.8
iproute-static 172.18.0.0 255.255.0.0 192.168.133.8
iproute-static 200.0.0.0 255.0.0.0 192.168.133.8
双wan口宽带路由
nat server global 10.10.10.30 4500 inside 192.168.133.8 4500 udp #nat-t
nat server global 10.10.10.30 1723 inside 192.168.133.8 1723 tcp #pptp
nat server global 10.10.10.30 1701 inside 192.168.133.8 1701 udp #l2tp
nat server global 10.10.10.30 500 inside 192.168.133.8 500 udp #ike
isa 添加静态路由
route add -p 192.168.0.0 mask 255.255.224.0 192.168.133.254
route add -p 3.0.0.0 mask 255.0.0.0 3.37.133.254
route add -p 60.0.0.0 mask 255.0.0.0 3.37.133.254
route add -p 66.0.0.0 mask 255.0.0.0 3.37.133.254
route add -p 68.0.0.0 mask 255.0.0.0 3.37.133.254
route add -p 200.0.0.0 mask 255.0.0.0 3.37.133.254