beautypg.com

H3C Technologies H3C SecBlade IPS Cards User Manual

Page 57

background image

50

# Configure the H3C new MIB style. That is, the sysOID and private MIB are both under H3C enterprise

ID 25506. You need to reboot the switch to validate the configuration (You can reboot the switch after

completing all configurations).

system-view

[Sysname] mib-style new

# Configure SNMP parameters: configure SNMPv3 users and adopt non-authentication and

non-encryption.

[Sysname] snmp-agent

[Sysname] snmp-agent sys-info version all

[Sysname] snmp-agent group v3 v3group_no read-view iso write-view iso

[Sysname] snmp-agent mib-view included iso iso

[Sysname] snmp-agent usm-user v3 v3user_no v3group_no

# Enable the ACFP server and the ACSEI server.

[Sysname] acfp server enable

[Sysname] acsei server enable

# Configure the internal interface.

Create VLAN 100 and configure an IP address for the VLAN interface. Make sure the VLAN does
not conflict with any existing VLAN.

[Sysname] vlan 100

[Sysname-vlan100] quit

[Sysname] interface Vlan-interface100

[Sysname-Vlan-interface100] ip address 100.100.100.1 255.255.255.0

[Sysname-Vlan-interface100] undo shutdown

[Sysname-Vlan-interface100] quit

Configure the internal interface as a trunk port, assign it to all VLANs, configure its

port-connect-mode as extended, and disable MAC address learning on it.

[Sysname] interface Ten-GigabitEthernet5/0/1

[Sysname-Ten-GigabitEthernet] port link-type trunk

[Sysname-Ten-GigabitEthernet] port trunk permit vlan all

[Sysname-Ten-GigabitEthernet] port connection-mode extend

[Sysname-Ten-GigabitEthernet] mac-address max-mac-count 0

[Sysname-Ten-GigabitEthernet] undo shutdown

[Sysname-Ten-GigabitEthernet] quit

# Save the configurations and restart the switch.

save

reboot

NOTE:

Make sure that the OAA card in slot n corresponds to the switch’s internal interface Ten-GigabitEthernet
n/0/1. For example, the OAA card in slot 5 corresponds to the switch’s internal interface

Ten-GigabitEthernet 5/0/1.

2.

Configure the SecBlade IPS card

# Configure an IP address for the management interface and enable the management interface. This

configuration is optional. By default, the IP address of the management interface is 192.168.1.1. You can

also change this IP address through the web interface.

system-view

See also other documents in the category H3C Technologies Safety: