H3C防火牆怎麽設置-山西尊信網絡科技有限公司

通(tōng)欄圖片

通(tōng)欄圖片

通(tōng)欄圖片

通(tōng)欄圖片

地址：太原市(shì)小(xiǎo)店區長(cháng)風街132号長(cháng)風大廈2501
聯系人：李勇海15503662388
電(diàn)話：15503662388
手機(jī)：15503662388
Email：18810108338@163.com

核心産品您現在的位置：首頁 > > 核心産品

H3C防火牆怎麽設置
發表時間：2019-01-24 閱讀(dú)次數：

1、配置要求 1）的E0/2接口為(wèi)TRUST區域，是：192.168.254.1/29； 2）的E1/2接口為(wèi)UNTRUST區域，是：202.111.0.1/27； 3）内網服務器(qì)對外網做一(yī)對一(yī)的，192.168.254.2、192.168.254.3分别映射為(wèi)202.111.0.2、202.111.0.3； 4）内網服務器(qì)訪問外網不做限制，外網訪問内網隻放(fàng)通(tōng)公網地址211.101.5.49訪問192.168.254.2的和192.168.254.3的。 2、的配置腳本如下(xià) <H3CF100A>dis cur # sysname H3CF100A # super password level 3 cipher 6aQ>Q57-$.I)0;4:\(I41!!! # firewall packet-filter enable firewall packet-filter default permit # insulate # nat static inside ip 192.168.254.2 global ip 202.111.0.2 nat static inside ip 192.168.254.3 global ip 202.111.0.3 # firewall statistic system enable # radius scheme system server-type extended # domain system # local-user net1980 password cipher ###### service-type telnet level 2 # aspf-policy 1 detect h323 detect sqlnet detect rtsp detect http detect smtp detect ftp detect tcp detect udp # object address 192.168.254.2/32 192.168.254.2 255.255.255.255 object address 192.168.254.3/32 192.168.254.3 255.255.255.255 # acl number 3001 description out-inside rule 1 permit tcp source 211.101.5.49 0 destination 192.168.254.2 0 destination-port eq 1433 rule 2 permit tcp source 211.101.5.49 0 destination 192.168.254.3 0 destination-port eq www rule 1000 deny ip acl number 3002 description inside-to-outside rule 1 permit ip source 192.168.254.2 0 rule 2 permit ip source 192.168.254.3 0 rule 1000 deny ip # interface Aux0 async mode flow # interface Ethernet0/0 shutdown # interface Ethernet0/1 shutdown # interface Ethernet0/2 speed 100 duplex full description to server ip address 192.168.254.1 255.255.255.248 firewall packet-filter 3002 inbound firewall aspf 1 outbound # interface Ethernet0/3 shutdown # interface Ethernet1/0 shutdown # interface Ethernet1/1 shutdown # interface Ethernet1/2 speed 100 duplex full description to internet ip address 202.111.0.1 255.255.255.224 firewall packet-filter 3001 inbound firewall aspf 1 outbound nat outbound static # interface NULL0 # firewall zone local set priority 100 # firewall zone trust add interface Ethernet0/2 set priority 85 # firewall zone untrust add interface Ethernet1/2 set priority 5 # firewall zone DMZ add interface Ethernet0/3 set priority 50 # firewall interzone local trust # firewall interzone local untrust # firewall interzone local DMZ # firewall interzone trust untrust # firewall interzone trust DMZ # firewall interzone DMZ untrust # ip route-static 0.0.0.0 0.0.0.0 202.111.0.30 preference 60 # user-interface con 0 user-interface aux 0 user-interface vty 0 4 authentication-mode scheme
上(shàng)一(yī)篇：華三交換機(jī) VRRP V7版本
下(xià)一(yī)篇：H3C S7500E系列高(gāo)端多(duō)業(yè)務路(lù)由交換機(jī)

客服中心

在線QQ：
在線QQ：
在線QQ：

售後服務

電(diàn)話：18810108338 15503662388 微信号：

友(yǒu)情鏈接：山西(xī)耕雲淘寶購買店鋪
Copyright © 2017- 山西尊信網絡科技有限公司 All Rights Reserved. 備案号：晉ICP備17003718号-1
騰雲建站僅向商家提供技(jì)術(shù)服務
< a href=" ">在線客服
地址：太原市(shì)小(xiǎo)店區長(cháng)風街132号長(cháng)風大廈2501 聯系人：李勇海15503662388 電(diàn)話：15503662388 手機(jī)：15503662388 Email：18810108338@163.com
孫夢嬌：13051469385 QQ：1006729750 QQ:574767988 QQ:812002424
微信：wxsmj_2008 微信:574767988