Есть затруднения с настройкой связи между маршрутизатором и коммутатором. Конфиг маршрутизатора приложен, соединение через 6 порт,в коммутаторе патчкорд идет в access того же влана. Пытаюсь пинговать коммутатор с адресом 192.168.100.1, в ответ тишина.
Подскажите пожалуйста что надо добавить.
Код: Выделить всё
#!/usr/bin/clish
#19
#1.12.0
#02/11/2020
#14:57:06
object-group service ssh
port-range 22
exit
object-group service dhcp_server
port-range 67
exit
object-group service dhcp_client
port-range 68
exit
object-group service ntp
port-range 123
exit
object-group service telnet
port-range 23
exit
syslog max-files 3
syslog file-size 512
syslog file tmpsys:syslog/default info
username admin
password encrypted $6$BIhR33u/3KZbS/nI$/in8UVDZiCG/tLHGcCEQkVPkLTvE6jZzkkejZeSCe5Ikr.apFcSJtO6NNKYF6amtIfCpgDXbWUrzvowr.PyVM1
exit
boot host auto-config
vlan 99
name "internet"
exit
vlan 2,10,20,30,100
exit
security zone trusted
exit
security zone untrusted
exit
security zone LAN
exit
security zone WAN
exit
bridge 1
vlan 1
security-zone trusted
ip address 192.168.1.1/24
enable
exit
bridge 2
vlan 2
security-zone untrusted
ip address dhcp
enable
exit
bridge 10
vlan 10
security-zone LAN
ip address 192.168.10.1/24
enable
exit
bridge 20
vlan 20
security-zone LAN
ip address 192.168.20.1/24
enable
exit
bridge 30
vlan 30
security-zone LAN
enable
exit
bridge 100
vlan 100
security-zone LAN
ip address 192.168.100.2/24
ip helper-address 192.168.101.15
enable
exit
cellular profile 1
APN internet.beeline.ru
user beeline
password ascii-text encrypted 9EB10661B9014D
exit
number *99#
allowed-auth pap
exit
interface gigabitethernet 1/0/1
mode switchport
switchport general allowed vlan add 10,20,30,100 tagged
exit
interface gigabitethernet 1/0/2
mode switchport
exit
interface gigabitethernet 1/0/3
mode switchport
switchport general allowed vlan add 30 untagged
exit
interface gigabitethernet 1/0/4
mode switchport
exit
interface gigabitethernet 1/0/5
mode switchport
exit
interface gigabitethernet 1/0/6
mode switchport
switchport general allowed vlan add 100 untagged
exit
interface gigabitethernet 1/0/7
mode switchport
exit
interface gigabitethernet 1/0/8
mode switchport
exit
interface gigabitethernet 1/0/9
mode switchport
exit
interface gigabitethernet 1/0/10
mode switchport
exit
interface gigabitethernet 1/0/11
mode switchport
exit
interface gigabitethernet 1/0/12
mode switchport
exit
interface gigabitethernet 1/0/13
mode switchport
exit
interface gigabitethernet 1/0/14
mode switchport
exit
interface gigabitethernet 1/0/15
mode switchport
exit
interface gigabitethernet 1/0/16
mode switchport
switchport general allowed vlan add xxx tagged
exit
interface tengigabitethernet 1/0/1
mode switchport
switchport general pvid 2
switchport general allowed vlan add 2 untagged
exit
interface tengigabitethernet 1/0/2
mode switchport
switchport general pvid 2
switchport general allowed vlan add 2 untagged
exit
interface tengigabitethernet 1/0/3
mode switchport
exit
interface tengigabitethernet 1/0/4
mode switchport
exit
interface tengigabitethernet 1/0/5
mode switchport
exit
interface tengigabitethernet 1/0/6
mode switchport
exit
interface tengigabitethernet 1/0/7
mode switchport
exit
interface tengigabitethernet 1/0/8
mode switchport
exit
cellular modem 1
device 1-1
profile 1
exit
security zone-pair trusted untrusted
rule 1
action permit
enable
exit
exit
security zone-pair trusted trusted
rule 1
action permit
enable
exit
exit
security zone-pair trusted self
rule 10
action permit
match protocol tcp
match destination-port ssh
enable
exit
rule 20
action permit
match protocol icmp
enable
exit
rule 30
action permit
match protocol udp
match source-port dhcp_client
match destination-port dhcp_server
enable
exit
rule 40
action permit
match protocol udp
match destination-port ntp
enable
exit
exit
security zone-pair untrusted self
rule 1
action permit
match protocol udp
match source-port dhcp_server
match destination-port dhcp_client
enable
exit
exit
security zone-pair LAN LAN
rule 1
action permit
enable
exit
exit
security zone-pair LAN WAN
rule 1
action permit
enable
exit
exit
security zone-pair WAN LAN
rule 1
action permit
enable
exit
exit
security passwords default-expired
ip firewall sessions tcp-estabilished-timeout 3600
nat source
ruleset factory
to zone untrusted
rule 10
description "replace 'source ip' by outgoing interface ip address"
action source-nat interface
enable
exit
exit
ruleset LAN
to interface bridge 100
rule 1
action source-nat interface
enable
exit
exit
exit
ip dhcp-server
ip dhcp-server pool lan-pool
network 192.168.1.0/24
address-range 192.168.1.2-192.168.1.254
default-router 192.168.1.1
exit
ip dhcp-relay
ip route 0.0.0.0/24 192.168.100.1
ip telnet server
ip ssh server
ntp enable
ntp broadcast-client enable