我们有一个相对平坦的网络,其中 Cisco 交换机运行 rapid-pvst。大多数不是EOL。我们有一个可通过防火墙 (10.10.10.5)、VLAN 900 访问的子网。图中的路由器用作我们的网关。出于某种原因,在完全不相关的交换机(Office 2 Sw)上禁用 VLAN 900no vlan 900会阻止路由器 ping 防火墙。但是,路由器仍然可以 ping 该 VLAN 上的其他设备。
我已经检查了 MAC 地址的 ARP 表(它是正确的)并使用show mac addr | include <mac>我相信 L2 转发将我们带到路径路由器 > 网络 Sw 1 > 防火墙而不是路由器 > 办公室 1 软件 > 办公室的一些奇怪的反向路径的命令2 软件 > 网络软件 1 > 防火墙
我还可能缺少哪些其他作品?我主要担心的是 Office 2 中的电源或连接中断不应影响我们采取的路径。
show spanning-tree vlan 900从 Office 2 Sw 显示到 Network Sw 1 的链接是 BLK。
更新 1:路由器是根网桥。
更新 2:网络软件 1:
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
!
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
!
aaa session-id common
clock timezone CST -6 0
clock summer-time CST recurring
switch 1 provision ws-c2960s-24ps-l
!
!
no ip domain-lookup
ip name-server 192.168.11.23
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-357113856
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-357113856
revocation-check none
rsakeypair TP-self-signed-357113856
!
!
crypto pki certificate chain TP-self-signed-357113856
certificate self-signed 01
3082...0030
quit
!
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree vlan 1-1001,1006-4094 priority 28672
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause pppoe-ia-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause small-frame
errdisable recovery cause psp
errdisable recovery interval 60
port-channel load-balance src-dst-ip
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel3
switchport mode trunk
spanning-tree link-type point-to-point
!
interface Port-channel5
switchport mode trunk
spanning-tree link-type point-to-point
!
interface FastEthernet0
ip address 2.2.2.1 255.255.255.0
!
interface GigabitEthernet1/0/1
switchport mode trunk
channel-group 5 mode auto
!
interface GigabitEthernet1/0/2
switchport mode trunk
channel-group 5 mode auto
description LINK_TO_ROUTER
!
interface GigabitEthernet1/0/3
switchport mode trunk
channel-group 5 mode auto
!
interface GigabitEthernet1/0/4
switchport mode trunk
channel-group 5 mode auto
!
interface GigabitEthernet1/0/5
switchport mode trunk
channel-group 5 mode auto
!
interface GigabitEthernet1/0/6
switchport mode trunk
channel-group 5 mode auto
!
interface GigabitEthernet1/0/7
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/8
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/9
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/10
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/11
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/12
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/13
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/14
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/15
switchport trunk allowed vlan 1,16,52,90,99,100,300
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/16
switchport trunk allowed vlan 1,747
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/17
switchport mode access
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/18
description LINK_TO_FIREWALL
switchport trunk allowed vlan 50,51,900,996,998
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/19
switchport mode access
spanning-tree portfast trunk
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/20
switchport mode trunk
spanning-tree bpduguard disable
spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/21
switchport mode access
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/22
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/23
switchport access vlan 66
switchport mode access
spanning-tree portfast trunk
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/24
switchport access vlan 998
switchport mode access
spanning-tree portfast trunk
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
switchport mode trunk
spanning-tree bpduguard disable
spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
ip address 192.168.11.71 255.255.255.0
!
interface Vlan50
no ip address
!
interface Vlan51
no ip address
!
interface Vlan900
no ip address
!
interface Vlan995
no ip address
!
interface Vlan996
no ip address
!
interface Vlan998
no ip address
!
ip default-gateway 192.168.11.10
ip http server
ip http authentication local
ip http secure-server
!
!
!
!
line con 0
logging synchronous
line vty 0 4
privilege level 15
logging synchronous
length 0
transport input telnet ssh
line vty 5 15
privilege level 15
logging synchronous
transport input telnet ssh
!
ntp server 192.168.11.73
ntp server 192.168.11.10
end
路由器:
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service compress-config
no platform punt-keepalive disable-kernel-core
!
hostname Router
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
!
aaa session-id common
clock timezone CST -6 0
clock summer-time CST recurring
switch 1 provision ws-c3850-48t
!
!
!
!
ip routing
!
!
!
ip multicast-routing
ip name-server 192.168.11.23
no ip domain lookup
!
!
!
!
!
!
!
!
!
vtp mode transparent
!
table-map AutoQos-4.0-Trust-Cos-Table
default copy
!
!
crypto pki trustpoint TP-self-signed-2813757840
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2813757840
revocation-check none
rsakeypair TP-self-signed-2813757840
!
!
crypto pki certificate chain TP-self-signed-2813757840
certificate self-signed 01
308... CE3
quit
!
port-channel load-balance src-dst-ip
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause security-violation
errdisable recovery cause channel-misconfig
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery cause sfp-config-mismatch
errdisable recovery cause gbic-invalid
errdisable recovery cause l2ptguard
errdisable recovery cause psecure-violation
errdisable recovery cause port-mode-failure
errdisable recovery cause dhcp-rate-limit
errdisable recovery cause pppoe-ia-rate-limit
errdisable recovery cause mac-limit
errdisable recovery cause vmps
errdisable recovery cause storm-control
errdisable recovery cause inline-power
errdisable recovery cause arp-inspection
errdisable recovery cause loopback
errdisable recovery cause psp
errdisable recovery interval 60
license boot level ipbasek9
!
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree vlan 1-1001,1006-4094 priority 24576
!
!
redundancy
mode sso
!
!
transceiver type all
monitoring
!
vlan 16
!
vlan 50-51,66,88
!
vlan 90
!
vlan 99
!
vlan 100
!
vlan 200
!
vlan 300
!
vlan 747
!
vlan 900
!
vlan 996-997
!
vlan 998
!
vlan 999
!
!
class-map match-any AutoQos-4.0-Output-Multimedia-Conf-Queue
match dscp af41 af42 af43
match cos 4
class-map match-any system-cpp-police-topology-control
class-map match-any system-cpp-police-sw-forward
class-map match-any AutoQos-4.0-Output-Bulk-Data-Queue
match dscp af11 af12 af13
match cos 1
class-map match-any system-cpp-default
class-map match-any system-cpp-police-sys-data
class-map match-any AutoQos-4.0-Output-Priority-Queue
match dscp cs4 cs5 ef
match cos 5
class-map match-any system-cpp-police-punt-webauth
class-map match-any AutoQos-4.0-Output-Multimedia-Strm-Queue
match dscp af31 af32 af33
class-map match-any system-cpp-police-forus
class-map match-any system-cpp-police-multicast-end-station
class-map match-any system-cpp-police-multicast
class-map match-any system-cpp-police-l2-control
class-map match-any system-cpp-police-dot1x-auth
class-map match-any system-cpp-police-data
class-map match-any system-cpp-police-control-low-priority
class-map match-any system-cpp-police-wireless-priority1
class-map match-any system-cpp-police-wireless-priority2
class-map match-any system-cpp-police-wireless-priority3-4-5
class-map match-any non-client-nrt-class
class-map match-any AutoQos-4.0-Output-Trans-Data-Queue
match dscp af21 af22 af23
match cos 2
class-map match-any system-cpp-police-routing-control
class-map match-any system-cpp-police-protocol-snooping
class-map match-any AutoQos-4.0-Output-Scavenger-Queue
match dscp cs1
class-map match-any AutoQos-4.0-Output-Control-Mgmt-Queue
match dscp cs2 cs3 cs6 cs7
match cos 3
!
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Output-Priority-Queue
priority level 1 percent 30
class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining percent 10
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining percent 4
queue-buffers ratio 10
class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining percent 1
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class class-default
bandwidth remaining percent 25
queue-buffers ratio 25
policy-map AutoQos-4.0-Trust-Cos-Input-Policy
class class-default
set cos cos table AutoQos-4.0-Trust-Cos-Table
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
class system-cpp-police-sys-data
police rate 100 pps
class system-cpp-police-sw-forward
police rate 1000 pps
class system-cpp-police-multicast
police rate 500 pps
class system-cpp-police-multicast-end-station
police rate 2000 pps
class system-cpp-police-punt-webauth
class system-cpp-police-l2-control
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority1
class system-cpp-police-wireless-priority2
class system-cpp-police-wireless-priority3-4-5
class system-cpp-police-topology-control
class system-cpp-police-dot1x-auth
class system-cpp-police-protocol-snooping
class system-cpp-police-forus
class system-cpp-default
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
switchport mode trunk
spanning-tree link-type point-to-point
!
interface Port-channel2
switchport mode trunk
spanning-tree link-type point-to-point
!
interface Port-channel3
switchport mode trunk
spanning-tree link-type point-to-point
!
interface Port-channel5
switchport mode trunk
spanning-tree link-type point-to-point
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
switchport mode trunk
channel-group 3 mode desirable
!
interface GigabitEthernet1/0/2
switchport mode trunk
channel-group 3 mode desirable
!
interface GigabitEthernet1/0/3
switchport mode trunk
channel-group 3 mode desirable
!
interface GigabitEthernet1/0/4
switchport mode trunk
channel-group 3 mode desirable
!
interface GigabitEthernet1/0/5
switchport mode trunk
channel-group 3 mode desirable
!
interface GigabitEthernet1/0/6
switchport mode trunk
channel-group 3 mode desirable
!
interface GigabitEthernet1/0/7
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/8
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/9
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/10
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/11
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/12
switchport mode trunk
channel-group 1 mode desirable
!
interface GigabitEthernet1/0/13
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/14
switchport access vlan 996
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/15
switchport trunk allowed vlan 997
switchport mode trunk
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/16
switchport trunk allowed vlan 50,51,900,996,998
switchport mode trunk
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/17
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/18
switchport trunk allowed vlan 900,996
switchport mode trunk
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/19
switchport mode trunk
channel-group 5 mode desirable
!
interface GigabitEthernet1/0/20
description LINK_TO_SWITCH_1
switchport mode trunk
channel-group 5 mode desirable
!
interface GigabitEthernet1/0/21
switchport mode trunk
channel-group 5 mode desirable
!
interface GigabitEthernet1/0/22
switchport mode trunk
channel-group 5 mode desirable
!
interface GigabitEthernet1/0/23
switchport mode trunk
channel-group 5 mode desirable
!
interface GigabitEthernet1/0/24
switchport mode trunk
channel-group 5 mode desirable
!
interface GigabitEthernet1/0/25
switchport access vlan 996
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/26
switchport trunk allowed vlan 200,998,999
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard disable
spanning-tree guard root
!
interface GigabitEthernet1/0/27
switchport access vlan 99
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/28
switchport mode access
shutdown
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/29
switchport access vlan 900
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/30
switchport access vlan 998
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/31
switchport trunk allowed vlan 747,996,998,999
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/32
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/33
switchport access vlan 997
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/34
switchport access vlan 999
!
interface GigabitEthernet1/0/35
switchport access vlan 998
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/36
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/37
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/38
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/39
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/40
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/41
switchport mode trunk
channel-group 2 mode desirable
!
interface GigabitEthernet1/0/42
switchport mode trunk
channel-group 2 mode desirable
!
interface GigabitEthernet1/0/43
switchport mode trunk
channel-group 2 mode desirable
!
interface GigabitEthernet1/0/44
switchport mode trunk
channel-group 2 mode desirable
!
interface GigabitEthernet1/0/45
switchport mode trunk
channel-group 2 mode desirable
!
interface GigabitEthernet1/0/46
switchport mode trunk
channel-group 2 mode desirable
!
interface GigabitEthernet1/0/47
switchport access vlan 66
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/48
switchport access vlan 998
switchport mode access
spanning-tree portfast
spanning-tree bpduguard disable
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
switchport mode trunk
spanning-tree link-type point-to-point
!
interface TenGigabitEthernet1/1/2
switchport mode trunk
spanning-tree link-type point-to-point
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
ip address 192.168.11.10 255.255.255.0
!
interface Vlan16
ip address 172.16.11.1 255.255.255.0
ip helper-address 192.168.11.27
ip helper-address 192.168.11.23
!
interface Vlan51
no ip address
!
interface Vlan52
no ip address
ip helper-address 192.168.11.27
!
interface Vlan66
ip address 10.10.11.65 255.255.255.192
ip helper-address 192.168.11.27
ip helper-address 192.168.11.23
!
interface Vlan88
ip address dhcp
ip pim dense-mode
!
interface Vlan90
ip address 192.168.99.1 255.255.255.0
ip helper-address 192.168.11.27
ip helper-address 192.168.11.23
!
interface Vlan100
ip address 10.100.0.2 255.255.254.0
ip helper-address 192.168.11.27
ip helper-address 192.168.11.23
!
interface Vlan300
ip address 10.10.11.1 255.255.255.192
ip helper-address 192.168.11.27
ip helper-address 192.168.11.23
!
interface Vlan747
ip address 10.10.12.1 255.255.255.0
ip pim dense-mode
!
interface Vlan900
ip address 10.10.10.3 255.255.255.192
!
interface Vlan997
no ip address
!
router ospf 20
router-id 10.10.10.3
network 10.10.10.0 0.0.0.255 area 0
!
ip default-gateway 192.168.11.10
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.10.10.1
ip route 10.10.12.131 255.255.255.255 10.10.10.1
ip route 10.10.12.132 255.255.255.255 10.10.10.1
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080
logging trap debugging
logging host 192.168.11.8
!
snmp mib notification-log globalsize 600
snmp mib notification-log globalageout 1200
snmp mib notification-log default
!
!
!
control-plane
service-policy input system-cpp-policy
!
line con 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
privilege level 15
logging synchronous
transport input telnet ssh
line vty 5 15
privilege level 15
logging synchronous
transport input telnet ssh
!
ntp master
ntp server 132.163.97.1
ntp server 192.168.11.27
ntp server time-a-wwv.nist.gov
!
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
ap dot11 airtime-fairness policy-name Default 0
ap group default-group
ap hyperlocation ble-beacon 0
ap hyperlocation ble-beacon 1
ap hyperlocation ble-beacon 2
ap hyperlocation ble-beacon 3
ap hyperlocation ble-beacon 4
end
路由器 - Switch2 链接通过 PortChannel5。
Switch2-Firewall 链路位于端口 18
更新 3:我已为相关端口添加了描述
