September 22, 2023
At home we have a wireless router to solve problem with Internet. In enterprise, we have an enterprise-level router with more professional performance and configuration methods.
The following shows that there are two types of business systems in an enterprise: a business network and an office network. Both types of networks can be configured to access external network devices.
We first separate two VLANs on LAN, corresponding to business network and office network, respectively.
System topology
Configuration of SW1 aggregation switch:
1-Create VLAN
browse system
[Huawei]SW1 system name
[SW1]Unenable Information Center
[SW1]vlan 10
[SW1-vlan10]q
[SW1]vlan 20
[SW1-vlan20]q
[SW1]vlan 999
[SW1-vlan20]q
2 - Configure VLAN Address
[SW1]int. vlan 10
[SW1-Vlanif10]IP address 192.168.10.254 24
[SW1-Vlanif10]q
[SW1-Vlanif10]ext. vlan 20
[SW1-Vlanif20]IP address 192.168.20.254 24
[SW1-Vlanif20]q
[SW1-Vlanif10]int vlan 999; Set management address of switch
[SW1-Vlanif999]IP address 192.168.60.253 24
3 - Add switch port to appropriate VLAN:
[SW1]GigabitEthernet 0/0/1 interface
[SW1-GigabitEthernet0/0/1]Link access port
[SW1-GigabitEthernet0/0/1]default port vlan 10
[SW1-GigabitEthernet0/0/1]q
[SW1]GigabitEthernet interface 0/0/2
[SW1-GigabitEthernet0/0/2]port channel access
[SW1-GigabitEthernet0/0/2]default port vlan 20
[SW1-GigabitEthernet0/0/2]q
[SW1]GigabitEthernet interface 0/0/24
[SW1-GigabitEthernet0/0/2]port channel access
[SW1-GigabitEthernet0/0/2]default port vlan 999
[SW1-GigabitEthernet0/0/2]q
[SW1]ping 60.60.60.60
Access R1 configuration
1 - Configure IP address of router interface
browse system
[Huawei]R1 system name
[R1] unenable info center
[R1]GigabitEthernet interface 0/0/0
[R1-GigabitEthernet0/0/0]IP address 192.168.60.254 24
[R1-GigabitEthernet0/0/0]q
[R1]GigabitEthernet interface 0/0/1
[R1-GigabitEthernet0/0/1]IP address 60.60.60.61 255.255.0.0
[R1-GigabitEthernet0/0/1]q
[R1]ping 60.60.60.60
ping 192.168.60.254
[R1]
But there is no connection with router on SW1, and you need to add a route;
Configure routing on SW1
4 - Set up routing on main switch
[SW1]ip route-static 0.0.0.0 0.0.0.0 192.168.60.254
2 - Set up static routing on router
Configure routing on R1
[R1]ip route-static 192.168.20.0 255.255.255.0 192.168.60.253
[R1]ip route-static 192.168.10.0 255.255.255.0 192.168.60.253
Check again
However, PC2 and PC3 cannot communicate with 60.60.60.60. This is because internal and external networks cannot communicate directly, and NAT address translation is required. The next chapter introduces NAT technology. Welcome, keep paying attention.
