ESR-200: dhcp и bridge
Добавлено: 11 май 2023 18:37
Добрый день.
Схема включения: Маршрутизатор ESR-200 (1.14.5), с него подключен коммутатор MES2324P (в транковом порту двумя вланами), с которого подключены два ПК, в разных вланах в разных подсетях.
ПК не получают адреса по dhcp.
object-group service dhcp_server
port-range 67
exit
object-group service dhcp_client
port-range 68
exit
vlan 10,11
exit
security zone LAN
exit
security zone LAN1
exit
bridge 10
vlan 10
security-zone LAN
ip dhcp server address 192.168.10.1
ip address 192.168.10.1/24
no spanning-tree
enable
exit
bridge 11
vlan 11
security-zone LAN1
ip dhcp server address 192.168.11.1
ip address 192.168.11.1/24
no spanning-tree
enable
exit
interface gigabitethernet 1/0/1
mode switchport
switchport mode trunk
switchport trunk allowed vlan add 10,11
exit
security zone-pair LAN self
rule 10
action permit
match protocol icmp
enable
exit
rule 20
action permit
match protocol udp
match source-port dhcp_server
match destination-port dhcp_client
enable
exit
exit
security zone-pair LAN1 self
rule 10
action permit
match protocol icmp
enable
exit
rule 20
action permit
match protocol udp
match source-port dhcp_server
match destination-port dhcp_client
enable
exit
exit
ip dhcp-server
ip dhcp-server pool LAN
network 192.168.10.0/24
address-range 192.168.10.10-192.168.10.254
default-router 192.168.10.1
exit
ip dhcp-server pool LAN1
network 192.168.11.0/24
address-range 192.168.11.10-192.168.11.254
default-router 192.168.11.1
exit
Схема включения: Маршрутизатор ESR-200 (1.14.5), с него подключен коммутатор MES2324P (в транковом порту двумя вланами), с которого подключены два ПК, в разных вланах в разных подсетях.
ПК не получают адреса по dhcp.
object-group service dhcp_server
port-range 67
exit
object-group service dhcp_client
port-range 68
exit
vlan 10,11
exit
security zone LAN
exit
security zone LAN1
exit
bridge 10
vlan 10
security-zone LAN
ip dhcp server address 192.168.10.1
ip address 192.168.10.1/24
no spanning-tree
enable
exit
bridge 11
vlan 11
security-zone LAN1
ip dhcp server address 192.168.11.1
ip address 192.168.11.1/24
no spanning-tree
enable
exit
interface gigabitethernet 1/0/1
mode switchport
switchport mode trunk
switchport trunk allowed vlan add 10,11
exit
security zone-pair LAN self
rule 10
action permit
match protocol icmp
enable
exit
rule 20
action permit
match protocol udp
match source-port dhcp_server
match destination-port dhcp_client
enable
exit
exit
security zone-pair LAN1 self
rule 10
action permit
match protocol icmp
enable
exit
rule 20
action permit
match protocol udp
match source-port dhcp_server
match destination-port dhcp_client
enable
exit
exit
ip dhcp-server
ip dhcp-server pool LAN
network 192.168.10.0/24
address-range 192.168.10.10-192.168.10.254
default-router 192.168.10.1
exit
ip dhcp-server pool LAN1
network 192.168.11.0/24
address-range 192.168.11.10-192.168.11.254
default-router 192.168.11.1
exit