办公网络构建

办公网络项目背景
    XX州市益智软件科技有限公司是XX市第九职业技术学校校办企业，依托学校人力技术、场地资源，面向市场独立经营、服务社会，主要从事网络设备销售、网络综合布线与网络管理。该公司现租用实训基地二层作为公司的办公经营场地，现需要为该公司构建办公网络。

1.项目基本情况

    楼层面积约为35m×12m，建筑面积420。目前已有校园网预埋光纤到中心设备间.需通过接入校园网访问Internet。办公室共分8个区域，其中总经理办公室3个信息点、经理办公室4个信息点、会议室4个信息点、财务部6个信息点、仓管后勤部4个信息点、市场部10个信息点、售后维护部8个信息点、商务接待区2个信息点。具体分布情况如图1所示。

图1

2.应用需求

（1）对所有部门账户进行集中化管理。

（2）为部门内部员工提供动态地址分配方案。

（3）对公司数据提供安全可靠的数据管理。

（4）为部门内员工提供文件的上传、下载。
（5）售后维护部、市场部、仓管后勤部能集中管理每个部门的打印机。

3.设计方案

网络结构拓扑如图2所示

图2

4.配置脚本

//DHCP服务器

//ASA1

en

conf t

hostn ASA1

int g1/1

ip add 172.16.30.2 255.255.255.0

no sh

exit

router ospf 101

 router-id 1.1.1.1

 network 172.16.30.0 255.255.255.0 area 1

exit

!

//R1

en

conf t

hostn R1

int g0/0/0

ip add 172.16.20.2 255.255.255.0

no sh

int s0/1/0

ip add 10.10.10.1 255.255.255.0

no sh

exit

enable password cisco

username admin password 0 admin

ip domain-name cisco.com

crypto key generate rsa

1024

line vty 5 15

access-class 101 in

login local

transport input ssh

!

router ospf 101

rou 2.2.2.2

 network 172.16.20.0 0.0.0.255 area 0

 network 10.10.10.0 0.0.0.255 area 0

exit

access-list 101 permit ip 192.168.72.192 0.0.0.31 any

int s0/1/0

ip acc 101 out

exit

enable password cisco

username admin password 0 admin

ip domain-name cisco.com

crypto key generate rsa

1024

line vty 0 15

 access-class 101 in

 login local

 transport input ssh

!

!

//ISP

en

conf t

hostn ISP

int g0/0/0

ip add 64.100.201.1 255.255.255.0

no sh

int g0/0/1

ip add 172.16.30.2 255.255.255.0

no sh

int s0/1/0

ip add 10.10.10.2 255.255.255.0

no sh

exit

router ospf 101

rou 3.3.3.3

 network 64.100.201.0 0.0.0.255 area 1

 network 172.16.30.0 0.0.0.255 area 1

 network 10.10.10.0 0.0.0.255 area 0

exit

ip nat inside source static 64.100.201.2 172.16.16.1

int g0/0/0

ip nat inside

int s0/1/0

ip nat outside

exit

line vty 0 4

 login local

 transport input ssh

!

//SW1

en

conf t

en

conf t

vlan 10

vlan 20

vlan 30

vlan 40

vlan 50

vlan 60

vlan 70

vlan 80

exit

hostn SW1

ip routing

service dhcp

ip forward-protocol udp 67

int g0/1

no sw

ip add 172.16.20.1 255.255.255.0

int g0/2

no sw

ip add 172.16.10.1 255.255.255.0

no sh

int vlan 10

ip add 192.168.72.1 255.255.255.224

ip helper-add 172.16.10.2

int vlan 20

ip add 192.168.72.33 255.255.255.224

ip helper-add 172.16.10.2

int vlan 30

ip add 192.168.72.65 255.255.255.224

ip helper-add 172.16.10.2

int vlan 40

ip add 192.168.72.97 255.255.255.224

ip helper-add 172.16.10.2

int vlan 50

ip add 192.168.72.129 255.255.255.224

ip helper-add 172.16.10.2

int vlan 60

ip add 192.168.72.161 255.255.255.224

ip helper-add 172.16.10.2

int vlan 70

ip add 192.168.72.193 255.255.255.224

ip helper-add 172.16.10.2

int vlan 80

ip add 192.168.72.225 255.255.255.224

ip helper-add 172.16.10.2

exit

int ran f0/1-4

sw mo tr

sw tr all vl 10,20,30,40,50,60,70,80

exit

router ospf 101

rou 4.4.4.4

 network 172.16.10.0 0.0.0.255 area 0

 network 172.16.20.0 0.0.0.255 area 0

 network 192.168.72.0 0.0.0.31 area 0

 network 192.168.72.32 0.0.0.31 area 0

 network 192.168.72.64 0.0.0.31 area 0

 network 192.168.72.96 0.0.0.31 area 0

 network 192.168.72.128 0.0.0.31 area 0

 network 192.168.72.160 0.0.0.31 area 0

 network 192.168.72.192 0.0.0.31 area 0

 network 192.168.72.224 0.0.0.31 area 0

exit

!

//SW2

en

conf t

vlan 10

vlan 20

vlan 30

vlan 40

vlan 50

vlan 60

vlan 70

vlan 80

exit

hostn SW2

int ran f0/1-2

channel-grou 1 mode on

exit

int port-channel 1

sw mo tr

sw tr all vla 10,20,30,40,50,60,70,80

int ran f0/3-4

channel-grou 3 mode on

exit

int port-channel 3

sw mo tr

sw tr all vla 10,20,30,40,50,60,70,80

int ran f0/5-9

sw mo ac

sw ac vl 10

int ran f0/10-14

sw mo ac

sw ac vl 20

int ran f0/15-19

sw mo ac

sw ac vl 30

int ran f0/20-24

sw mo ac

sw ac vl 40

exit

span mo ra

span vla 10,20,30,40 root primary

span vla 50,60,70,80 root sec

int ran f0/5-24

span portfast

span bpdu en

!

//SW3

en

conf t

vlan 10

vlan 20

vlan 30

vlan 40

vlan 50

vlan 60

vlan 70

vlan 80

hostn SW2

int ran f0/1-2

channel-grou 2 mode on

exit

int port-channel 2

sw mo tr

sw tr all vla 10,20,30,40,50,60,70,80

int ran f0/3-4

channel-grou 3 mode on

exit

int port-channel 3

sw mo tr

sw tr all vla 10,20,30,40,50,60,70,80

int ran f0/5-9

sw mo ac

sw ac vl 50

int ran f0/10-14

sw mo ac

sw ac vl 60

int ran f0/15-19

sw mo ac

sw ac vl 70

int ran f0/20-24

sw mo ac

sw ac vl 80

exit

span mo ra

span vla 50,60,70,80 root primary

span vla 10,20,30,40 root sec

int ran f0/5-24

span portfast

span bpdu en

!