Kwaziwai, vadikanwi vagari veHabro uye vaenzi vasina kujairika. Mune ino nhevedzano yezvinyorwa tichataura nezve kuvaka rakareruka network yekambani isinganyanyi kudiwa pane yayo IT zvivakwa, asi panguva imwechete ine chido chekupa vashandi vayo yemhando yepamusoro yeInternet yekubatanidza, kuwana kune yakagovaniswa faira. zviwanikwa, uye kupa vashandi neVPN kuwana kubasa uye kubatanidza vhidhiyo yekutarisa sisitimu, iyo inogona kuwanikwa kubva chero kupi zvako munyika. Chikamu chebhizinesi diki chinoratidzwa nekukura nekukurumidza uye, maererano, network replanning. Muchinyorwa chino tichatanga nehofisi imwe ine 15 nzvimbo dzebasa uye tichawedzera kuwedzera network. Saka, kana chero nyaya inonakidza, nyora mumashoko, tichaedza kuishandisa munyaya yacho. Ini ndichafungidzira kuti muverengi anoziva nezvekutanga kwemakomputa network, asi ini ndichapa zvinongedzo kuWikipedia kune ese tekinoroji mazwi; kana chimwe chinhu chisina kujeka, tinya uye gadzirisa kushomeka uku.
Saka, ngatitange. Chero network inotanga nekuongororwa kwenzvimbo uye kuwana zvinodiwa nemutengi, izvo zvichazoumbwa muhunyanzvi hwekuita. Kazhinji mutengi pachake haanzwisisi zvakakwana zvaanoda uye zvaanoda kune izvi, saka zvakakosha kumutungamirira kune zvatinokwanisa kuita, asi iyi ibasa rezvinopfuura mumiririri wekutengesa, tinopa chikamu cheunyanzvi, saka isu tichafunga kuti Isu tine zvinotevera zvinotevera zvinodiwa:
- 17 nzvimbo dzekushandira dzedesktop PC
- Network disk kuchengetedza ()
- CCTV system uchishandisa uye IP makamera (8 zvidimbu)
- Hofisi Wi-Fi yekuvhara, maviri network (yemukati uye muenzi)
- Zvinogoneka kuwedzera network printers (kusvika 3 zvidimbu)
- Tarisiro yekuvhura hofisi yechipiri kune rumwe rutivi rweguta
Equipment kusarudzwa
Ini handisi kuzoongorora kusarudzwa kwemutengesi, nekuti iyi inyaya inokonzeresa kukakavara kwekare; isu tichatarisa pane chokwadi chekuti mhando yakatotemwa, iCisco.
Nheyo yemambure ndeye (router). Zvakakosha kuongorora zvatinoda, sezvo tiri kuronga kuwedzera network mune ramangwana. Kutenga router ine chengetedzo yeiyi kuchachengetedza mutengi mari panguva yekuwedzera, kunyangwe ichave inodhura zvishoma padanho rekutanga. Cisco yechikamu chebhizinesi diki inopa iyo Rvxxx yakatevedzana, iyo inosanganisira ma routers emahofisi epamba (RV1xx, kazhinji ine yakavakirwa-mukati Wi-Fi module), iyo yakagadzirirwa kubatanidza akati wandei nzvimbo dzekushandira uye network kuchengetedza. Asi isu hatisi kuvafarira, sezvo ivo vane zvishoma zvishoma VPN kugona uye panzvimbo yakaderera bandwidth. Isu hatisiwo kufarira iyo yakavakirwa-mukati isina waya module, sezvo ichifanirwa kuiswa mukamuri yehunyanzvi mune rack; Wi-Fi ichave yakarongeka uchishandisa AP () Sarudzo yedu inowira paRV320, inova iyo junior modhi yevakuru nhevedzano. Hatidi nhamba yakakura yezvikepe mune yakavakirwa-mukati switch, sezvo isu tichava neyakasiyana switch kuitira kuti tipe huwandu hwakakwana hwezviteshi. Kubatsira kukuru kweiyo router ndeyekukodzera kwayo yakakwira throughput. server (75 Mbits), rezinesi kune gumi VPN tunnels, kugona kusimudza Site-10-saiti VPN mugero. Zvakare zvakakosha kuvepo kwechipiri WAN port kuti ipe backup Internet yekubatanidza.
Iyo router inofanira kuva . Iyo inonyanya kukosha parameter ye switch ndiyo seti yemabasa ayo anayo. Asi kutanga, ngativerengei zviteshi. Muchiitiko chedu, tinoronga kubatanidza kune switch: 17 PCs, 2 APs (Wi-Fi access points), 8 IP makamera, 1 NAS, 3 network printers. Tichishandisa arithmetic, tinowana nhamba 31, inoenderana nenhamba yemidziyo yakatanga kubatanidzwa kunetiweki, wedzera 2 kune iyi. (tiri kuronga kuwedzera network) uye tichamira pa48 ports. Zvino nezve mashandiro: switch yedu inofanirwa kugona , zvichida vose 4096, havazokuvadzi mine, sezvo zvichizogoneka kubatanidza switch kune imwe mugumo wechivako uchishandisa optics, inofanirwa kukwanisa kushanda mudenderedzwa rakavharwa, izvo zvinoita kuti isu tikwanise kuchengetedza zvinongedzo (), zvakare iyo AP uye makamera anozopihwa simba kuburikidza neakamonyoroka pair, saka zvinodikanwa kuve nazvo (iwe unogona kuverenga zvakawanda nezve maprotocol muwiki, mazita anodzvanywa). Too complicated Hatidi kushanda, saka sarudzo yedu ichava Cisco SG250-50P, sezvo ine basa rakakwana kwatiri uye panguva imwe chete haisanganisi mabasa asina basa. Tichataura nezve Wi-Fi muchinyorwa chinotevera, sezvo iyi iri nyaya yakafaranuka. Ikoko tichagara pane sarudzo yeAR. Isu hatisarudze NAS nemakamera, tinofungidzira kuti vamwe vanhu vari kuita izvi, asi isu tinongofarira network.
Kuronga
Kutanga, ngatisarudze kuti ndeapi maratidziro atinoda (unogona kuverenga kuti maVLAN ari paWikipedia). Saka, isu tine akati wandei ane musoro network zvikamu:
- Client workstations (PCs)
- Sevha (NAS)
- CVV
- Zvishandiso zvevaenzi (WiFi)
Zvakare, zvinoenderana nemitemo yehunhu hwakanaka, isu tichafambisa iyo yekushandisa manejimendi interface mune yakaparadzana VLAN. Unogona kuverenga maVLAN mune chero kurongeka, ini ndichasarudza izvi:
- VLAN10 Management (MGMT)
- VLAN50 Server's
- VLAN100 LAN+WiFi
- VLAN150 Mushanyi WiFI (V-WiFi)
- VLAN200 CAM's
Tevere, isu tichagadzira IP chirongwa uye kushandisa 24 bits uye subnet 192.168.x.x. Ngatitangei.
Dziva rakachengeterwa richange riine kero dzinozogadziriswa statically (maprinter, maseva, manejimendi nzvimbo, nezvimwewo, zvevatengi. ichaburitsa kero ine simba).
Saka isu takafungidzira IP, pane akati wandei mapoinzi andinoda kutarisisa:
- Iko hakuna chikonzero chekumisikidza DHCP mune yekudzora network, senge mukamuri yeseva, sezvo kero dzese dzakapihwa nemaoko kana uchigadzira michina. Vamwe vanhu vanosiya dziva diki reDHCP kana vachinge vachibatanidza michina mitsva, yekumisikidzwa kwayo kwekutanga, asi ini ndajaira uye ndinokupa zano kuti ugadzirise michina kwete panzvimbo yemutengi, asi padhesiki rako, kuti ndisaite. ita dziva iri pano.
- Mamwe macamera modhi angangoda kero isingachinjiki, asi isu tinofungidzira kuti makamera anozvigamuchira otomatiki.
- Pane network yemuno, tinosiya dziva remaprinta, sezvo network yekudhinda sevhisi isingashande zvakanyanya nekuvimbika nemakero ane simba.
Router setup
Zvakanaka, pakupedzisira ngatienderere mberi kune setup. Isu tinotora chigamba tambo uye tinobatanidza kune imwe yechina LAN ports ye router. Nokusingaperi, sevha yeDHCP inobvumira pa router uye inowanikwa pakero 192.168.1.1. Iwe unogona kutarisa izvi uchishandisa ipconfig console utility, mune inobuda iyo router yedu ichave yakasarudzika gedhi. Ngatitarisei:
Mubrowser, enda kukero iyi, simbisa iyo isina kuchengeteka kubatana uye pinda ne username/password cisco/cisco. Chinja pakarepo password kune yakachengeteka. Uye chekutanga pane zvese, enda kuSetup tebhu, Network chikamu, pano tinopa zita uye zita rezita reiyo router.
Iye zvino ngatiwedzerei maVLAN kune router yedu. Enda kuPort Management / VLAN Nhengo. Isu tichakwaziswa neVLAN-ok chiratidzo, chakagadzirirwa nekukasira
Isu hatizvide, tinodzima zvese kunze kweyekutanga, sezvo isingagone kubviswa, uye isu tichakurumidza kuwedzera maVLAN atakaronga. Usakanganwa kutarisa bhokisi riri kumusoro. Isu tichabvumirawo manejimendi manejimendi kubva kune manejimendi manejimendi, uye tinobvumira nzira pakati pemanetiweki kwese kwese kunze kwevaenzi network. Tichagadzirisa zviteshi zvishoma gare gare.
Zvino ngatigadzirisei sevha yeDHCP zvinoenderana netafura yedu. Kuti uite izvi, enda kuDHCP/DHCP Setup.
Kune network umo DHCP ichavharwa, isu tichagadzirisa chete kero yesuwo, inova yekutanga mu subnet (uye mask zvinoenderana).
Mune network neDHCP, zvese zviri nyore, isu tinogadzirisawo kero yegedhi, uye kunyoresa madziva uye DNS pazasi:
Neizvi takabata neDHCP, ikozvino makasitoma akabatana netiweki yemuno anogashira kero. Zvino ngatigadzirise madoko (zviteshi zvinogadziriswa zvinoenderana neyakajairwa , chinongedzo chinodzvanya, unogona kujairana nacho). Sezvo zvichifungidzirwa kuti vatengi vese vachange vakabatana kuburikidza neakagadziriswa switch yeVLAN isina kunyorwa (yekuzvarwa), zviteshi zvese zvichave MGMT, izvi zvinoreva kuti chero mudziyo wakabatana nechiteshi ichi uchawira mune iyi network (mamwe mashoko pano). Ngatidzokerei kuPort Management/VLAN Nhengo uye tigadzirise izvi. Isu tinosiya VLAN1 Yakasiiwa pane ese madoko, isu hatizvide.
Iye zvino pane yedu network kadhi tinoda kugadzirisa static kero kubva kune manejimendi subnet, sezvo isu takaguma mune iyi subnet mushure mekunge tadzvanya "sevha", asi hapana DHCP server pano. Enda kune network adapter marongero uye gadzirisa kero. Mushure meizvi, router ichave iripo pa192.168.10.1
Ngatimisei Indaneti yedu. Ngatifungei kuti takagamuchira static kero kubva kumupi. Enda kuSetup/Network, maka WAN1 pazasi, tinya Rongedza. Sarudza Static IP uye gadzirisa kero yako.
Uye chinhu chekupedzisira chemazuva ano ndechekugadzirisa kure kure. Kuti uite izvi, enda kuFirewall / General uye tarisa Remote Management bhokisi, gadzirisa chiteshi kana zvichidikanwa
Ndizvo zvimwe chete zvanhasi. Nekuda kwechinyorwa, isu tine yakakosha configured router yatinogona kuwana iyo Internet. Kureba kwechinyorwa chakareba kupfuura zvandaitarisira, saka muchikamu chinotevera tichapedzisa kumisikidza router, kuisa VPN, kugadzirisa firewall uye kutema miti, uye zvakare kugadzirisa switch uye isu tichakwanisa kuisa hofisi yedu kushanda. . Ndinovimba kuti chinyorwa chaive chinobatsira zvishoma uye chinokudzidzisa iwe. Ndiri kunyora kekutanga, ndichafara kwazvo kugamuchira kushoropodzwa kunovaka uye mibvunzo, ndichaedza kupindura munhu wese uye kutora zvaunofunga. Zvakare, sezvandakanyora pakutanga, pfungwa dzako pamusoro pezvimwe zvingaonekwa muhofisi uye zvimwe zvatichagadzirisa zvinogamuchirwa.
Vandinoshamwaridzana navo:
Teregiramu:
Skype/mail: [email inodzivirirwa]
Tiwedzere, tikurukure.
Source: www.habr.com