1、限制telnet登录
acl number 3100
rule 10 permit tcp source 111.198.33.11 0 destination-port eq telnet
rule 11 permit tcp source 111.198.33.12 0 destination-port eq telnet
acl number 3101
rule 10 deny tcp source 0.0.0.0 0 destination-port eq telnet
#
traffic classifier hrb-telnet-allow operator and
if-match acl 3100
traffic classifier hrb-telnet-deny operator and
if-match acl 3101
#
traffic behavior telnet-allow
permit
traffic behavior telnet-deny deny
#
traffic policy hrb-sw-telnet
classifier hrb-telnet-allow behavior telnet-allow
classifier hrb-telnet-deny behavior telnet-deny
#
2、华为交换机配置多vlan的dhcp
dhcp enable
vlan 10
interface Vlanif10
ip address 10.10.0.1 255.255.0.0
dhcp select global
ip pool vlan10
gateway-list 10.10.0.1
network 10.10.0.0 mask 255.255.0.0
dns-list 114.114.114.114
vlan 20
interface Vlanif20
ip address 10.20.0.1 255.255.0.0
dhcp select global
ip pool vlan20
gateway-list 10.20.0.1
network 10.20.0.0 mask 255.255.0.0
dns-list 114.114.114.114
vlan 30
interface Vlanif30
ip address 10.30.0.1 255.255.0.0
dhcp select global
ip pool vlan30
gateway-list 10.30.0.1
network 10.30.0.0 mask 255.255.0.0
dns-list 114.114.114.114
vlan 40
interface Vlanif40
ip address 10.40.0.1 255.255.0.0
dhcp select global
ip pool vlan40
gateway-list 10.40.0.1
network 10.40.0.0 mask 255.255.0.0
dns-list 114.114.114.114
vlan 50
interface Vlanif50
ip address 10.50.0.1 255.255.0.0
dhcp select global
ip pool vlan50
gateway-list 10.50.0.1
network 10.50.0.0 mask 255.255.0.0
dns-list 114.114.114.114
vlan 60
interface Vlanif60
ip address 10.60.0.1 255.255.0.0
dhcp select global
ip pool vlan60
gateway-list 10.60.0.1
network 10.60.0.0 mask 255.255.0.0
dns-list 114.114.114.114