Scribd Logo
Upload

Welcome to Scribd!

  • SW Huawei S6700

    Uploaded by

    Nguyen Quoc Nhan
    1 views13 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1 views13 pages

    SW Huawei S6700

    Uploaded by

    Nguyen Quoc Nhan

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 13

    !

    Software Version V200R019C00SPC500


    #
    sysname YN4-Core-HX-S6730_H48X6C-A05-32U
    #
    info-center loghost source Vlanif94
    info-center loghost 10.173.3.66
    #
    vlan batch 80 94 96 104 112 116 193 196 1104 2112
    vlan batch 3000 3012 3018
    #
    stp instance 0 priority 4096
    #
    authentication-profile name default_authen_profile
    authentication-profile name dot1x_authen_profile
    authentication-profile name dot1xmac_authen_profile
    authentication-profile name mac_authen_profile
    authentication-profile name multi_authen_profile
    authentication-profile name portal_authen_profile
    #
    set save-configuration interval 10080 delay 1
    set save-configuration backup-to-server server 10.171.3.69 transport-type tftp
    #
    telnet server enable
    #
    clock timezone Thailand add 07:00:00
    #
    observe-port 1 interface XGigabitEthernet1/0/8
    #
    dhcp enable
    #
    diffserv domain default
    #
    ip vpn-instance default
    ipv4-family
    #
    radius-server template Luxshare_ict
    radius-server shared-key cipher %^%#KLX7'hW\G+Q)yzCD;;"8wr*9J/4zdL*9SW#;]|\)%^%#
    radius-server authentication 10.171.2.200 1812 source Vlanif 94 weight 80
    radius-server authentication 10.171.2.201 1812 source Vlanif 94 weight 80
    radius-server accounting 10.171.2.200 1813 source Vlanif 94 weight 80
    radius-server accounting 10.171.2.201 1813 source Vlanif 94 weight 80
    radius-server retransmit 2
    radius-server template default
    #
    pki realm default
    certificate-check none
    #
    acl name Merry-pda 3998
    rule 50 permit udp source 10.175.93.0 0.0.0.255 destination 10.173.2.70 0.0.0.1
    destination-port eq bootpc
    rule 60 permit udp source 10.175.93.0 0.0.0.255 destination 10.173.2.70 0.0.0.1
    destination-port eq bootps
    rule 70 permit udp source 10.175.93.0 0.0.0.255 destination-port eq dns
    rule 200 permit ip source 10.175.93.0 0.0.0.255 destination 10.175.5.55 0
    rule 300 deny ip source 10.175.93.0 0.0.0.255
    acl name Mobile 3999
    rule 10 permit udp destination-port eq bootps
    rule 20 permit udp destination-port eq bootpc
    rule 30 permit udp destination-port eq dns
    rule 40 permit ip destination 10.171.2.200 0
    rule 50 permit ip destination 10.171.2.201 0
    rule 55 permit ip destination 172.20.22.194 0
    rule 60 permit ip destination 172.20.22.195 0
    rule 65 permit ip destination 10.32.11.51 0
    rule 70 permit ip destination 172.20.12.0 0.0.0.255
    rule 75 deny ip destination 172.16.0.0 0.15.255.255
    rule 80 deny ip destination 10.0.0.0 0.255.255.255
    rule 85 deny ip destination 192.168.0.0 0.0.255.255
    rule 300 permit ip
    #
    free-rule-template name default_free_rule
    #
    portal-access-profile name portal_access_profile
    #
    drop-profile default
    #
    vlan 80
    name LUXSHARE-TEMP
    vlan 96
    name Luxshare-Office
    vlan 104
    name Luxshare-Mobile
    vlan 112
    name Luxshare-Guest
    vlan 193
    description MERRY-PDA
    vlan 196
    name Luxshare-merry
    vlan 1104
    name Merry-mobile
    vlan 3012
    description MES-FW-01&02-FD_300E
    #
    ip pool vlan96
    gateway-list 10.173.96.1
    network 10.173.96.0 mask 255.255.248.0
    lease day 2 hour 0 minute 0
    dns-list 10.171.2.59 172.20.20.59
    #
    ip pool Vlan104
    gateway-list 10.173.104.1
    network 10.173.104.0 mask 255.255.248.0
    excluded-ip-address 10.173.104.2 10.173.104.10
    dns-list 10.171.2.59 10.171.2.60
    #
    aaa
    authentication-scheme default
    authentication-mode local
    authentication-scheme luxshare_ict_auth
    authentication-mode radius local
    authentication-scheme radius
    authentication-mode radius
    authentication-scheme ren_zheng
    authentication-mode local
    authorization-scheme default
    authorization-mode local
    accounting-scheme default
    accounting-mode none
    accounting-scheme luxshare_ict_acc
    accounting-mode radius
    local-aaa-user password policy administrator
    password history record number 0
    password expire 0
    domain default
    authentication-scheme radius
    accounting-scheme default
    radius-server default
    domain default_admin
    authentication-scheme luxshare_ict_auth
    accounting-scheme luxshare_ict_acc
    radius-server Luxshare_ict
    local-user admin password irreversible-cipher $1c$<]jV!v,B08$jA4,UIzYR9po9`;
    +qTt&@xSqY7^g\Js{1i%8b>"8$
    local-user admin privilege level 15
    local-user admin service-type terminal http
    local-user admin user-type netmanager
    local-user sshadmin password irreversible-cipher $1c$:<^N1e/rHB$sauU*Vz-
    wAR5b4Ds$Z8K|{c]OSsYj2@zKuKS,{,8$
    local-user sshadmin privilege level 3
    local-user sshadmin service-type telnet ssh
    #
    ntp-service server disable
    ntp-service ipv6 server disable
    ntp-service refclock-master 2
    #
    interface Vlanif1
    shutdown
    #
    interface Vlanif94
    ip address 10.173.94.1 255.255.255.0
    #
    interface Vlanif96
    description Luxshare-Office
    ip address 10.173.96.1 255.255.248.0
    dhcp select relay
    dhcp relay server-ip 10.173.2.70
    dhcp relay server-ip 10.173.2.71
    #
    interface Vlanif104
    description Luxshare-Mobile
    ip address 10.173.104.1 255.255.248.0
    traffic-filter inbound acl name Mobile
    dhcp select relay
    dhcp relay server-ip 10.173.2.72
    #
    interface Vlanif112
    description Luxshare-Guest
    ip address 10.173.112.1 255.255.252.0
    traffic-filter inbound acl name Mobile
    dhcp select relay
    dhcp relay server-ip 10.173.2.72
    #
    interface Vlanif116
    description LAB-WIFI
    ip address 10.173.116.1 255.255.255.0
    traffic-filter inbound acl name Mobile
    dhcp select relay
    dhcp relay server-ip 10.173.2.72
    #
    interface Vlanif193
    description MERRY-PDA
    ip address 10.175.93.1 255.255.255.0
    traffic-filter inbound acl name Merry-pda
    dhcp select relay
    dhcp relay server-ip 10.173.2.70
    dhcp relay server-ip 10.173.2.71
    #
    interface Vlanif196
    description Luxshare-merry
    ip address 10.175.96.1 255.255.248.0
    dhcp select relay
    dhcp relay server-ip 10.173.2.70
    dhcp relay server-ip 10.173.2.71
    #
    interface Vlanif1104
    ip address 10.175.104.1 255.255.248.0
    traffic-filter inbound acl name Mobile
    dhcp select relay
    dhcp relay server-ip 10.173.2.72
    #
    interface Vlanif2112
    description Merry-Guest
    ip address 10.175.112.1 255.255.252.0
    traffic-filter inbound acl name Mobile
    dhcp select relay
    dhcp relay server-ip 10.173.2.72
    #
    interface Vlanif3000
    description Internet-FW-01&02-FD_300E
    ip address 10.173.0.1 255.255.255.252
    arp-proxy enable
    #
    interface Vlanif3012
    description MES-FW-01&02-FD_300E
    ip address 10.173.0.57 255.255.255.248
    #
    interface Vlanif3018
    description Link to BOSE-FW
    ip address 10.173.0.89 255.255.255.252
    #
    interface MEth0/0/1
    ip binding vpn-instance default
    #
    interface MEth0/0/2
    #
    interface Eth-Trunk1
    undo portswitch
    description WAN-HX-S5731 Eth-Trunk4
    ip address 10.173.0.9 255.255.255.252
    #
    interface Eth-Trunk3
    undo portswitch
    description PSTN-RT-01-ISR_4321 Eth-Trunk1
    ip address 10.173.0.6 255.255.255.252
    mode lacp
    #
    interface Eth-Trunk4
    undo portswitch
    description OA-Core-HX-01-S6730 Eth-Trunk1
    ip address 10.173.0.13 255.255.255.252
    port-mirroring to observe-port 1 inbound
    port-mirroring to observe-port 1 outbound
    #
    interface Eth-Trunk40
    description WIRELESS-WLC-01-CT5520-K9 port-channel1
    port link-type trunk
    undo port trunk allow-pass vlan 1
    port trunk allow-pass vlan 93 to 94 96 104 112 116 193 196 1104 2112
    stp bpdu-filter enable
    port-mirroring to observe-port 1 inbound
    #
    interface Eth-Trunk41
    description WIRELESS-WLC-02-CT5520-K9 port-channel1
    port link-type trunk
    undo port trunk allow-pass vlan 1
    port trunk allow-pass vlan 93 to 94 96 104 112 116 193 196 1104 2112
    stp bpdu-filter enable
    port-mirroring to observe-port 1 inbound
    #
    interface XGigabitEthernet0/0/1
    #
    interface XGigabitEthernet0/0/2
    #
    interface XGigabitEthernet0/0/3
    #
    interface XGigabitEthernet0/0/4
    #
    interface XGigabitEthernet0/0/5
    #
    interface XGigabitEthernet0/0/6
    #
    interface XGigabitEthernet0/0/7
    #
    interface XGigabitEthernet0/0/8
    #
    interface XGigabitEthernet0/0/9
    #
    interface XGigabitEthernet0/0/10
    #
    interface XGigabitEthernet0/0/11
    #
    interface XGigabitEthernet0/0/12
    #
    interface XGigabitEthernet0/0/13
    #
    interface XGigabitEthernet0/0/14
    #
    interface XGigabitEthernet0/0/15
    #
    interface XGigabitEthernet0/0/16
    #
    interface XGigabitEthernet0/0/17
    #
    interface XGigabitEthernet0/0/18
    #
    interface XGigabitEthernet0/0/19
    #
    interface XGigabitEthernet0/0/20
    #
    interface XGigabitEthernet0/0/21
    #
    interface XGigabitEthernet0/0/22
    #
    interface XGigabitEthernet0/0/23
    #
    interface XGigabitEthernet0/0/24
    #
    interface XGigabitEthernet0/0/25
    #
    interface XGigabitEthernet0/0/26
    #
    interface XGigabitEthernet0/0/27
    #
    interface XGigabitEthernet0/0/28
    #
    interface XGigabitEthernet0/0/29
    #
    interface XGigabitEthernet0/0/30
    #
    interface XGigabitEthernet0/0/31
    #
    interface XGigabitEthernet0/0/32
    #
    interface XGigabitEthernet0/0/33
    #
    interface XGigabitEthernet0/0/34
    #
    interface XGigabitEthernet0/0/35
    #
    interface XGigabitEthernet0/0/36
    #
    interface XGigabitEthernet0/0/37
    #
    interface XGigabitEthernet0/0/38
    #
    interface XGigabitEthernet0/0/39
    #
    interface XGigabitEthernet0/0/40
    #
    interface XGigabitEthernet0/0/41
    #
    interface XGigabitEthernet0/0/42
    #
    interface XGigabitEthernet0/0/43
    #
    interface XGigabitEthernet0/0/44
    #
    interface XGigabitEthernet0/0/45
    #
    interface XGigabitEthernet0/0/46
    #
    interface XGigabitEthernet0/0/47
    #
    interface XGigabitEthernet0/0/48
    #
    interface XGigabitEthernet1/0/1
    eth-trunk 1
    #
    interface XGigabitEthernet1/0/2
    description LAN-AC-02-AC_1000 port1
    port link-type access
    port default vlan 3000
    port-mirroring to observe-port 1 inbound
    port-mirroring to observe-port 1 outbound
    #
    interface XGigabitEthernet1/0/3
    eth-trunk 3
    #
    interface XGigabitEthernet1/0/4
    eth-trunk 4
    #
    interface XGigabitEthernet1/0/5
    description MES-FW-01-FD_300E port17
    port link-type access
    port default vlan 3012
    #
    interface XGigabitEthernet1/0/6
    undo portswitch
    description DC-HX-01-CE6881 10GE1/0/46
    ip address 10.173.0.41 255.255.255.252
    ospf network-type p2p
    #
    interface XGigabitEthernet1/0/7
    #
    interface XGigabitEthernet1/0/8
    #
    interface XGigabitEthernet1/0/9
    #
    interface XGigabitEthernet1/0/10
    #
    interface XGigabitEthernet1/0/11
    #
    interface XGigabitEthernet1/0/12
    #
    interface XGigabitEthernet1/0/13
    #
    interface XGigabitEthernet1/0/14
    #
    interface XGigabitEthernet1/0/15
    #
    interface XGigabitEthernet1/0/16
    #
    interface XGigabitEthernet1/0/17
    #
    interface XGigabitEthernet1/0/18
    #
    interface XGigabitEthernet1/0/19
    #
    interface XGigabitEthernet1/0/20
    #
    interface XGigabitEthernet1/0/21
    #
    interface XGigabitEthernet1/0/22
    #
    interface XGigabitEthernet1/0/23
    #
    interface XGigabitEthernet1/0/24
    #
    interface XGigabitEthernet1/0/25
    #
    interface XGigabitEthernet1/0/26
    #
    interface XGigabitEthernet1/0/27
    #
    interface XGigabitEthernet1/0/28
    #
    interface XGigabitEthernet1/0/29
    #
    interface XGigabitEthernet1/0/30
    #
    interface XGigabitEthernet1/0/31
    #
    interface XGigabitEthernet1/0/32
    #
    interface XGigabitEthernet1/0/33
    #
    interface XGigabitEthernet1/0/34
    #
    interface XGigabitEthernet1/0/35
    #
    interface XGigabitEthernet1/0/36
    #
    interface XGigabitEthernet1/0/37
    #
    interface XGigabitEthernet1/0/38
    #
    interface XGigabitEthernet1/0/39
    #
    interface XGigabitEthernet1/0/40
    port link-type trunk
    port trunk allow-pass vlan 94
    #
    interface XGigabitEthernet1/0/41
    #
    interface XGigabitEthernet1/0/42
    #
    interface XGigabitEthernet1/0/43
    eth-trunk 40
    #
    interface XGigabitEthernet1/0/44
    eth-trunk 40
    #
    interface XGigabitEthernet1/0/45
    #
    interface XGigabitEthernet1/0/46
    port link-type access
    port default vlan 3018
    mad detect mode direct
    #
    interface XGigabitEthernet1/0/47
    #
    interface XGigabitEthernet1/0/48
    #
    interface XGigabitEthernet2/0/1
    eth-trunk 1
    #
    interface XGigabitEthernet2/0/2
    description LAN-AC-02-AC_1000 port4
    port link-type access
    port default vlan 3000
    port-mirroring to observe-port 1 inbound
    port-mirroring to observe-port 1 outbound
    #
    interface XGigabitEthernet2/0/3
    eth-trunk 3
    #
    interface XGigabitEthernet2/0/4
    eth-trunk 4
    #
    interface XGigabitEthernet2/0/5
    description MES-FW-02-FD_300E port17
    port link-type access
    port default vlan 3012
    #
    interface XGigabitEthernet2/0/6
    undo portswitch
    description DC-HX-02-CE6881 10GE1/0/46
    ip address 10.173.0.45 255.255.255.252
    ospf network-type p2p
    #
    interface XGigabitEthernet2/0/7
    #
    interface XGigabitEthernet2/0/8
    #
    interface XGigabitEthernet2/0/9
    #
    interface XGigabitEthernet2/0/10
    #
    interface XGigabitEthernet2/0/11
    #
    interface XGigabitEthernet2/0/12
    #
    interface XGigabitEthernet2/0/13
    #
    interface XGigabitEthernet2/0/14
    #
    interface XGigabitEthernet2/0/15
    #
    interface XGigabitEthernet2/0/16
    #
    interface XGigabitEthernet2/0/17
    #
    interface XGigabitEthernet2/0/18
    #
    interface XGigabitEthernet2/0/19
    #
    interface XGigabitEthernet2/0/20
    #
    interface XGigabitEthernet2/0/21
    #
    interface XGigabitEthernet2/0/22
    #
    interface XGigabitEthernet2/0/23
    #
    interface XGigabitEthernet2/0/24
    #
    interface XGigabitEthernet2/0/25
    #
    interface XGigabitEthernet2/0/26
    #
    interface XGigabitEthernet2/0/27
    #
    interface XGigabitEthernet2/0/28
    #
    interface XGigabitEthernet2/0/29
    #
    interface XGigabitEthernet2/0/30
    #
    interface XGigabitEthernet2/0/31
    #
    interface XGigabitEthernet2/0/32
    #
    interface XGigabitEthernet2/0/33
    #
    interface XGigabitEthernet2/0/34
    #
    interface XGigabitEthernet2/0/35
    #
    interface XGigabitEthernet2/0/36
    #
    interface XGigabitEthernet2/0/37
    #
    interface XGigabitEthernet2/0/38
    #
    interface XGigabitEthernet2/0/39
    #
    interface XGigabitEthernet2/0/40
    port link-type trunk
    port trunk allow-pass vlan 94
    #
    interface XGigabitEthernet2/0/41
    #
    interface XGigabitEthernet2/0/42
    #
    interface XGigabitEthernet2/0/43
    eth-trunk 41
    #
    interface XGigabitEthernet2/0/44
    eth-trunk 41
    #
    interface XGigabitEthernet2/0/45
    #
    interface XGigabitEthernet2/0/46
    mad detect mode direct
    #
    interface XGigabitEthernet2/0/47
    #
    interface XGigabitEthernet2/0/48
    #
    interface 40GE0/0/1
    #
    interface 40GE0/0/2
    #
    interface 40GE0/0/3
    #
    interface 40GE0/0/4
    #
    interface 40GE0/0/5
    #
    interface 40GE0/0/6
    #
    interface 40GE1/0/1
    #
    interface 40GE1/0/2
    #
    interface 40GE1/0/3
    #
    interface 40GE1/0/4
    #
    interface 40GE1/0/5
    #
    interface 40GE1/0/6
    #
    interface 40GE2/0/1
    #
    interface 40GE2/0/2
    #
    interface 40GE2/0/3
    #
    interface 40GE2/0/4
    #
    interface 40GE2/0/5
    #
    interface 40GE2/0/6
    #
    interface NULL0
    #
    interface LoopBack0
    description Management&Router ID
    ip address 10.173.95.1 255.255.255.255
    #
    ospf 400 router-id 10.73.95.1
    default-route-advertise
    import-route static tag 5000
    area 0.0.0.0
    network 10.173.0.1 0.0.0.0
    network 10.173.0.6 0.0.0.0
    network 10.173.0.9 0.0.0.0
    network 10.173.0.13 0.0.0.0
    network 10.173.0.41 0.0.0.0
    network 10.173.0.45 0.0.0.0
    network 10.173.94.1 0.0.0.0
    network 10.173.95.1 0.0.0.0
    network 10.173.96.1 0.0.0.0
    network 10.173.104.1 0.0.0.0
    network 10.173.112.1 0.0.0.0
    network 10.175.93.1 0.0.0.0
    network 10.175.96.1 0.0.0.0
    network 10.175.104.1 0.0.0.0
    #
    route-policy test permit node 1
    #
    ip route-static 0.0.0.0 0.0.0.0 10.173.0.2 preference 5 tag 5000 description
    Default-Route
    ip route-static 10.1.1.0 255.255.255.0 10.173.0.58 preference 200 description TW-
    MERIT
    ip route-static 10.1.1.0 255.255.255.0 10.173.0.10 preference 210
    ip route-static 10.3.1.0 255.255.255.0 10.173.0.58 preference 200 description SZ-
    Merit
    ip route-static 10.4.1.102 255.255.255.255 10.173.0.58 preference 200 description
    Thialand-Merit
    ip route-static 10.4.7.13 255.255.255.255 10.173.0.58 preference 200 description
    Thialand-Merit
    ip route-static 10.53.2.0 255.255.255.0 10.173.0.58 preference 200 description SZ-
    Merit
    ip route-static 10.55.2.0 255.255.255.0 10.173.0.58 preference 200 description HZ-
    Merit
    ip route-static 10.101.2.0 255.255.255.0 10.173.0.58 preference 200 description TW-
    Merit
    ip route-static 10.101.2.0 255.255.255.0 10.173.0.10 preference 210
    ip route-static 10.101.5.0 255.255.255.0 10.173.0.58 preference 200 description TW-
    Merit
    ip route-static 10.101.5.0 255.255.255.0 10.173.0.10 preference 210
    ip route-static 10.103.2.0 255.255.255.0 10.173.0.58 preference 200 description SZ-
    Merit
    ip route-static 10.173.0.16 255.255.255.252 10.173.0.10 tag 5000 description SSL-
    VPN
    ip route-static 10.173.0.20 255.255.255.252 10.173.0.10 tag 5000 description CE-
    ROUTE
    ip route-static 10.173.0.72 255.255.255.252 10.173.0.58 tag 5000
    ip route-static 10.173.0.84 255.255.255.252 10.173.0.58 description DMZ-SW-ROUTE
    ip route-static 10.173.30.0 255.255.255.0 10.173.0.58 description DMZ-SERVER
    ip route-static 10.173.36.241 255.255.255.255 10.173.0.58 tag 5000 description A-
    Jiankong-Server
    ip route-static 10.173.116.0 255.255.255.0 10.173.0.10 tag 5000 description SSL-
    VPN-POOL
    ip route-static 10.174.0.0 255.255.0.0 10.173.0.58 tag 5000 description MES-Route
    ip route-static 10.174.0.4 255.255.255.252 10.173.0.58
    ip route-static 10.175.0.0 255.255.0.0 10.173.0.58 tag 5000 description MeiLv-OA-
    MES-Route
    ip route-static 45.249.212.0 255.255.255.0 10.173.0.10 description HUAWEI-APP
    ip route-static 192.168.30.0 255.255.255.0 10.173.0.2 description SMA-SERVER
    ip route-static vpn-instance default 0.0.0.0 0.0.0.0 10.173.94.254
    #
    snmp-agent
    snmp-agent local-engineid 800007DB03C4447DC80AC0
    snmp-agent community read cipher %^%#IR*]23TSmXO@*JBstVvM;5-C(yOJ%4cC\
    i.p's8IeK0^P;7M|#3`.m(+$|5Ya(x;I0g`x7,HzDCUU'z*%^%#
    snmp-agent sys-info version v2c
    undo snmp-agent sys-info version v3
    snmp-agent mib-view excluded allextrmon rmon
    snmp-agent inform timeout 5
    snmp-agent inform resend-times 6
    snmp-agent inform pending 7
    #
    stelnet server enable
    ssh user sshadmin
    ssh user sshadmin authentication-type password
    ssh user sshadmin service-type stelnet
    ssh server cipher aes256_ctr aes128_ctr
    ssh server hmac sha2_256
    ssh client cipher aes256_ctr aes128_ctr
    ssh client hmac sha2_256
    ssh server dh-exchange min-len 2048
    #
    user-interface con 0
    authentication-mode none
    user-interface vty 0 4
    authentication-mode aaa
    user privilege level 3
    protocol inbound all
    user-interface vty 16 20
    #
    wlan
    traffic-profile name default
    security-profile name default
    security-profile name default-wds
    security-profile name default-mesh
    ssid-profile name default
    vap-profile name default
    wds-profile name default
    mesh-handover-profile name default
    mesh-profile name default
    regulatory-domain-profile name default
    air-scan-profile name default
    rrm-profile name default
    radio-2g-profile name default
    radio-5g-profile name default
    wids-profile name default
    ap-system-profile name default
    port-link-profile name default
    wired-port-profile name default
    ap-group name default
    provision-ap
    #
    dot1x-access-profile name dot1x_access_profile
    #
    mac-access-profile name mac_access_profile
    #
    ops
    #
    return

    You might also like