我有一个 HP 交换机,支持第 2 层和第 3 层。我创建了一些 VLAN。我在 VLAN 1 上有一个带有 IP 地址的 ADSL 路由器192.168.1.2。从 VLAN 1 可以访问 Internet,但从其他 VLAN 不能访问 Internet。我可以从其他 VLAN 访问其他 VLAN。
下面是交换机配置:
******************************************************************************
* Copyright (c) 2010-2016 Hewlett Packard Enterprise Development LP *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
Login authentication
Password:
<Switch>dis cu
#
version 5.20.99, Release 2222P01
#
sysname Switch
#
clock timezone Italy add 01:00:00
clock summer-time Italy repeating 02:00:00 2017 March last Sunday 03:00:00 2017 October last Sunday 01:00:00
#
dhcp relay server-group 1 ip 192.168.1.1
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
#
domain default enable system
#
dns resolve
dns server 8.8.8.8
dns server 8.8.4.4
dns server 192.168.1.2
#
telnet server enable
#
lldp compliance cdp
#
password-recovery enable
#
vlan 1
description Base
#
vlan 20
description Windows XP
#
vlan 100
description Periferiche
#
vlan 182
description PC
#
vlan 840
description Wi-Fi
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool nome
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
dns-list 8.8.8.8 8.8.4.4 192.168.1.2
#
dhcp server ip-pool pc
network 192.168.182.0 mask 255.255.255.0
gateway-list 192.168.182.1
dns-list 8.8.8.8 8.8.4.4 192.168.1.2
#
dhcp server ip-pool periferiche
network 192.168.100.0 mask 255.255.255.0
gateway-list 192.168.100.1
dns-list 8.8.8.8 8.8.4.4 192.168.1.2
#
dhcp server ip-pool wifi
network 192.168.200.0 mask 255.255.255.0
gateway-list 192.168.200.1
dns-list 8.8.8.8 8.8.4.4 192.168.1.2
#
dhcp server ip-pool xp
network 192.168.20.0 mask 255.255.255.0
gateway-list 192.168.20.1
dns-list 8.8.8.8 8.8.4.4 192.168.1.2
#
user-group system
group-attribute allow-guest
#
local-user XXXXX
password cipher XXXXXX
authorization-attribute level 3
service-type ssh telnet
service-type web
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.1.1 255.255.255.0
#
interface Vlan-interface20
ip address 192.168.20.1 255.255.255.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlan-interface100
ip address 192.168.100.1 255.255.255.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlan-interface182
ip address 192.168.182.1 255.255.255.0
dhcp select relay
dhcp relay server-select 1
#
interface Vlan-interface840
ip address 192.168.200.1 255.255.255.0
dhcp select relay
dhcp relay server-select 1
#
interface GigabitEthernet1/0/1
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/2
description Stampante Lexmark
port access vlan 100
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/3
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/4
description Stampante LBP5050N
port access vlan 100
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/5
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/6
description NAS (Network Attached Storage)
port access vlan 100
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/7
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/8
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/9
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/10
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/11
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/12
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/13
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/14
port access vlan 100
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/15
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/16
port access vlan 840
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/17
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/18
port access vlan 182
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/19
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/20
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/21
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/22
description PC Windows XP
port access vlan 20
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/23
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/24
description Modem e access point
lldp compliance admin-status cdp txrx
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.2 preference 65
#
dhcp server forbidden-ip 192.168.1.0 192.168.1.2
#
dhcp enable
#
ntp-service unicast-server 193.204.114.232
ntp-service unicast-server 193.204.114.233
#
ssh server enable
#
load xml-configuration
#
user-interface aux 0
user-interface vty 0
user privilege level 3
set authentication password cipher XXXXXX
user-interface vty 1 15
#
return
<Switch>
我该如何解决我的问题?
我在 ADSL 路由器上注意到的一件奇怪的事情是它有一个 WAN IP 79.35.XXX.XXX 和网关 192.168.100.1(为什么?);但我不能修改它。ADSL 路由器由电话公司提供,配置可能性有限。
<Switch>display ip routing-table
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 Static 65 0 192.168.1.2 Vlan1
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
192.168.1.0/24 Direct 0 0 192.168.1.1 Vlan1
192.168.1.1/32 Direct 0 0 127.0.0.1 InLoop0
192.168.20.0/24 Direct 0 0 192.168.20.1 Vlan20
192.168.20.1/32 Direct 0 0 127.0.0.1 InLoop0
192.168.100.0/24 Direct 0 0 192.168.100.1 Vlan100
192.168.100.1/32 Direct 0 0 127.0.0.1 InLoop0
我无法从 VLAN1 以外的 VLAN ping ADSL 路由器的 IP 地址 192.168.1.2。