zoukankan      html  css  js  c++  java

  • 双机热备实验

    一:配置ip

      PC1ip和网关

      FW1FW2:三个接口的ip

      R1:接口ip和路由

    二:配置防火墙的区域和安全策略

    FW1FW2配置一样:

    [USG6000V1]firewall zone trust

    [USG6000V1-zone-trust]add int g1/0/2

    [USG6000V1-zone-trust]q

    [USG6000V1]firewall zone untrust

    [USG6000V1-zone-untrust]add int g1/0/0

    [USG6000V1-zone-untrust]q

    [USG6000V1]firewall zone dmz

    [USG6000V1-zone-dmz]add int g1/0/1

    [USG6000V1-zone-dmz]q

    [USG6000V1]security-policy

    [USG6000V1-policy-security]rule name tr2untr

    [USG6000V1-policy-security-rule-tr2untr]source-zone trust

    [USG6000V1-policy-security-rule-tr2untr]destination-zone untrust

    [USG6000V1-policy-security-rule-tr2untr]action permit

    [USG6000V1-policy-security-rule-tr2untr]q

    [USG6000V1-policy-security]rule name local2dmz

    [USG6000V1-policy-security-rule-local2dmz]source-zone local

    [USG6000V1-policy-security-rule-local2dmz]destination-zone dmz

    [USG6000V1-policy-security-rule-local2dmz]action permit

    [USG6000V1-policy-security-rule-local2dmz]q

    三:配置VRRP备份组

    FW1

    [USG6000V1]int g1/0/2

    [USG6000V1-GigabitEthernet1/0/2]vrrp vrid 1 virtual-ip 192.168.1.100 active

    [USG6000V1-GigabitEthernet1/0/2]q

    [USG6000V1]int g1/0/0

    [USG6000V1-GigabitEthernet1/0/0]vrrp vrid 2 virtual-ip 10.1.1.100 active

    FW2

    [USG6000V1]int g1/0/2

    [USG6000V1-GigabitEthernet1/0/2]vrrp vrid 1 virtual-ip 192.168.1.100 standby

    [USG6000V1-GigabitEthernet1/0/2]q

    [USG6000V1]int g1/0/0

    [USG6000V1-GigabitEthernet1/0/0]vrrp vrid 2 virtual-ip 10.1.1.100 standby

    四:配置心跳接口

    FW1

    [USG6000V1]hrp int g1/0/1 remote 172.16.1.2

    FW2

    [USG6000V1]hrp int g1/0/1 remote 172.16.1.1

    五:开启双击热备

    FW1

    [USG6000V1]hrp enable

    FW2

    [USG6000V1]hrp enable

    六:验证

    FW1

    HRP_M[USG6000V1]dis hrp state

     Role: active, peer: standby

     Running priority: 45000, peer: 45000

     Core state: normal, peer: normal

     Backup channel usage: 0.00%

     Stable time: 0 days, 0 hours, 4 minutes

     Last state change information: 2018-11-10 8:38:01 HRP core state changed, old_s

    tate = abnormal(standby), new_state = normal, local_priority = 45000, peer_prior

    ity = 45000.

    FW2

    HRP_S[USG6000V1]dis hrp state

     Role: standby, peer: active

     Running priority: 45000, peer: 45000

     Core state: normal, peer: normal

     Backup channel usage: 0.00%

     Stable time: 0 days, 0 hours, 5 minutes

     Last state change information: 2018-11-10 8:38:01 HRP link changes to up.
  • 相关阅读:
    在Dictionary使用foreach的注意
    [公告]新增项目交流区
    博客园Blog程序中又一个奇怪问题
    公告
    网络爬客光顾博客园
    爬网的影响
    致歉
    [业界新闻]中文IT百科Beta版于2006年7月10日正式上线
    公告
    疯狂的爬网
  • 原文地址:https://www.cnblogs.com/ccshi/p/13140281.html
Copyright © 2011-2022 走看看