beautypg.com

Configuration procedure – H3C Technologies H3C SecBlade IPS Cards User Manual

Page 30

background image

23

Ten-GigabitEthernet 2/0/1 to connect to the SecBlade IPS card’s internal interface Ten-GigabitEthernet

0/0. Traffic received on the switch’s interfaces GigabitEthernet 3/0/1, GigabitEthernet 3/0/2. and

GigabitEthernet 3/0/20 must be sent to the SecBlade IPS card for inspection.

Figure 12 S7500E switch and the LSQ1IPSSC0 card

IP network

IP network

Internet

GE3/0/1

GE3/0/2

GE3/0/20

XGE2/0/1

XGE0/0

S7500E

LSQ1IPSSC0 card

Configuration procedure

1.

Configure the switch

# Configure the H3C new MIB style. That is, the sysOID and private MIB are both under H3C enterprise

ID 25506. You need to reboot the switch to validate the configuration (You can reboot the switch after

completing all configurations).

system-view

[Sysname] mib-style new

# Configure SNMP parameters: configure SNMPv3 users and adopt non-authentication and
non-encryption.

[Sysname] snmp-agent

[Sysname] snmp-agent sys-info version all

[Sysname] snmp-agent group v3 v3group_no read-view iso write-view iso

[Sysname] snmp-agent mib-view included iso iso

[Sysname] snmp-agent usm-user v3 v3user_no v3group_no

# Enable the ACFP server and the ACSEI server.

[Sysname] acfp server enable

[Sysname] acsei server enable

# Configure the internal interface.

Create VLAN 100 and configure an IP address for the VLAN interface. Make sure the VLAN does
not conflict with any existing VLAN.

[Sysname] vlan 100

[Sysname-vlan100] quit

[Sysname] interface Vlan-interface100

[Sysname-Vlan-interface100] ip address 100.100.100.1 255.255.255.0

[Sysname-Vlan-interface100] quit