•配置用户user1，密码为digitalchina，使用此用户名的用户群为普通用户，不可以进入特权模式–Router#configRouter_config#username user1 password digitalchina –Router_config#aaa authentication for_login login local–Router_config#line console 0–Router_config_line#login authentication for_login–Router_config_line#–Router_config#enable password digitalchina level 15实训五十八HDLC封装•RouterA配置•指定封装协议为HDLC协议–RouterA_config#interface serial 2/0–RouterA_config_s2/0#encapsulation hdlc•指定接口的IP地址以及子网掩码–RouterA_config_s2/0#ip address 11.1.1.1 255.255.255.0–RouterA_config_s2/0#no shut•RouterB配置–Router_config#interface serial 1/0–Router_config_s1/0#encapsulation hdlc–Router_config_s1/0#ip address 11.1.1.2 255.255.255.0–指定此端口（DCE端）的内时钟信号频率–Router_config_s1/0#physical-layer speed 64000端口状态察看•Router#show interface serial 2/0•Serial2/0 is up, line protocol is up•。

•Encapsulation prototol HDLC, link check interval is 10 sec使用PAP验证的配置•RouterA配置–RouterA#config–RouterA_config#username RouterB_pap password digitallchinaB–RouterA_config#interface serial 2/0–RouterA_config_s2/0#encapsulation ppp–RouterA_config_s2/0#ppp authentication pap–RouterA_config_s2/0#ppp pap sent-username RouterA_pap digitalchinaA–RouterA_config_s2/0#ip address 192.168.2.1 255.255.255.0•RouterB的配置–RouterB#config–RouterB_config#username RouterA_pap password digitalchinaA–RouterB_config#interface serial 1/0–RouterB_config_s1/0#encapsulation ppp–RouterB_config_s1/0#ppp authentication pap–RouterB_config_s1/0#ppp pap sent-username RouterB_pap digitalchinaB–RouterB_config_s1/0#ip address 192.168.2.2 255.255.255.0–RouterB_config_s1/0#physical-layer speed 64000察看接口状态•Serial1/0 is up, line protocol is up•Mode=Sync DCE Speed=64000•DTR=UP, DSR=UP, RTS=UP, CTS=UP, DCD=UP•Interface address is 192.168.2.2/24•MTU 1500 bytes, BW 64 kbit, DLY 2000 usec•Encapsulation PPP, loopback not set•Keepalive set（10 sec）•LCP Opened•PAP Opened, Message: 'Welcome to Digitalchina Router' •IPCP Opened•。

使用CHAP验证的配置•RouterA的配置–RouterA_config#usernam e RouterB_chap password digitalchina–RouterA_config#interface serial 2/0–RouterA_config_s2/0#encapsulation ppp–RouterA_config_s2/0#ppp authentication chap–RouterA_config_s2/0#ppp chap hostname RouterA_chap–RouterA_config_s2/0#ppp chap password digitalchina–RouterA_config_s2/0#ip address 192.168.2.1 255.255.255.0–•RouterB的配置–RouterB_config#username RouterA_chap password digitalchina–RouterB_config#interface serial 1/0–RouterB_config_s1/0#encapsulation ppp–RouterB_config_s1/0#ppp authentication chap–RouterB_config_s1/0#ppp chap hostname RouterB_chap–RouterB_config_s1/0#ppp chap password digitalchina–RouterB_config_s1/0#physical-layer speed 64000–RouterB_config_s1/0#ip address 192.168.2.2 255.255.255.0 察看端口状态•Serial2/0 is up, line protocol is up•……•LCP Opened•CHAP Opened, Message: ' Welcome to Digitalchina Router' •IPCP Opened•……frame-relay封装RouterA 的配置•RouterA#config•RouterA_config#interface serial 2/0•RouterA_config_s2/0#encapsulation frame-relay•RouterA_config_s2/0#frame-relay local-dlci 17•RouterA_config_s2/0#frame-relay intf-type dte•RouterA_config_s2/0#frame-relay map 192.168.2.2 pvc 17 broadcast•RouterA_config_s2/0#ip address 192.168.2.1 255.255.255.0•RouterB的配置•RouterB#config•RouterB_config#interface serial 1/0•RouterB_config_s1/0#encapsulation frame-relay•RouterB_config_s1/0#frame-relay local-dlci 17•RouterB_config_s1/0#frame-relay intf-type dce•RouterB_config_s1/0#frame-relay map 192.168.2.1 pvc 17 broadcast•RouterB_config_s1/0#physical-layer speed 64000•RouterB_config_s1/0#ip address 192.168.2.2 255.255.255.0察看端口状态•Serial1/0 is up,line protocol is up•……•Encapsulation Frame-relay, loopback not set•……•FrameRelay DCE, LMI type is Q933A, LMI DLCI 0•LMI DCE Link Errors 12, Protocol Errors 3, Inactives 1•……RIP配置•配置路由器A的两个直接连接网段参与RIP协议进程–RouterA#config–RouterA_config#router rip–RouterA_config_rip#network 192.168.2.0–RouterA_config_rip#network 192.168.4.0•RIP协议的运行版本为2–RouterA_config_rip#version 2•OSPF路由协议•启动路由器A中的OSPF协议进程，进程号为1•RouterA#config•RouterA_config# router ospf 1•配置路由器A的两个直连网段以区域0的方式参与OSPF协议进程•RouterA_config_ospf_1#network 192.168.2.0 255.255.255.0 area 0•RouterA_config_ospf_1#network 192.168.4.0 255.255.255.0 area 0•创建VLAN–Console (Config)#vlan 100–Console (Config)#vlan 200•将端口添加进VLAN–Console(Config-Vlan100)#switchport interface ethernet 0/0/1-5–Console(Config-Vlan200)#switchport interface ethernet 0/0/6-10私有VLAN的设置步骤•创建私有vlan–DCS-3926S(Config)#vlan 100–DCS-3926S(Config-Vlan100)#private-vlan primary–DCS-3926S(Config)#vlan 101–DCS-3926S(Config-Vlan101)#private-vlan community •做VLAN 之间的关联–DCS-3926S(Config-Vlan100)#private-vlan association 101;102•添加端口成员–DCS-3926S(Config-Vlan100)#switchport interface ethernet 0/0/24链路聚合技术•第一步：创建port group•switchA(Config)#port-group 1•验证配置：•switchA#show port-group detail•switchA#show port-group brief•第二步：手工生成链路聚合组（第二、三步任选其一操作）•switchA(Config)#interface ethernet 0/0/1-2•switchA(Config-Port-Range)#port-group 1 mode on•验证配置：•switchA#show vlan•switchB#show port-group brief•第三步：LACP动态生成链路聚合组（第二、三步任选其一操作）•switchA(Config)#interface ethernet 0/0/1-2•switchA(Conifg-Port-Range)#port-group 1 mode active•验证配置：•switchA#show vlan•switchB#show port-group brief端口与地址绑定技术•第一步：使能端口的MAC地址绑定功能•switch(Config)#interface ethernet 0/0/1•switch(Config-Ethernet0/0/1)#switchport port-security•switch(Config-Ethernet0/0/1)#•第二步：添加端口静态安全MAC地址，缺省端口最大安全MAC地址数为1•switch(Config-Ethernet0/0/1)#switchport port-security mac-address 00-a0-d1-d1-07-ff•验证配置：•switch#show port-security•switch#show port-security address•第三步：在一个以太口上静态捆绑多个MAC•Switch(Config-Ethernet0/0/1)#switchport port-security maximum 4•Switch(Config-Ethernet0/0/1)#switchport port-security mac-address aa-aa-aa-aa-aa-aa•Switch(Config-Ethernet0/0/1)#switchport port-security mac-address aa-aa-aa-bb-bb-bb•第四步：清空端口与MAC绑定•switch(Config)#int ethernet 0/0/1•switch(Config-Ethernet0/0/1)#no switchport port-security•第五步：使能端口的MAC地址绑定功能，动态学习MAC并转换•switch(Config)#interface ethernet 0/0/1•switch(Config-Ethernet0/0/1)#switchport port-security•switch(Config-Ethernet0/0/1)#switchport port-security lock •switch(Config-Ethernet0/0/1)#switchport port-security convert •验证测试：•switch#show mac-address-table。