zoukankan      html  css  js  c++  java

  • 防火墙典型配置

      

     先规划和配置IP地址

     路由器配置

      备注:回环(loopback)指将电子信号、数据流等原样送回发送者的行为。它主要用于对通信功能的测试。

      [Huawei]interface LoopBack 0
      [Huawei-LoopBack0]ip address 100.1.1.1 24

     防火墙配置  

      [SRG]firewall zone trust
      [SRG-zone-trust]add interface GigabitEthernet 0/0/0
      [SRG-zone-trust]qu
      [SRG]firewall zone untrust
      [SRG-zone-untrust]add interface GigabitEthernet 0/0/1
      [SRG-zone-untrust]qu

      ## 然后配置防火墙包过滤

      [SRG]policy interzone trust untrust outbound
      [SRG-policy-interzone-trust-untrust-outbound]policy 0
      [SRG-policy-interzone-trust-untrust-outbound-0]action permit
      [SRG-policy-interzone-trust-untrust-outbound-0]policy source 192.168.1.0 mask 24
      [SRG-policy-interzone-trust-untrust-outbound-0]qu
      [SRG-policy-interzone-trust-untrust-outbound]qu
      [SRG]ip route-static 0.0.0.0 0.0.0.0 1.1.1.1  ##默认路由,意思是所有路由的下一条都是1.1.1.1,或者说所有网络路径都由1.1.1.1这个端口转发

      ##配置nat

      [SRG]nat-policy interzone trust untrust outbound 

      [SRG-nat-policy-interzone-trust-untrust-outbound]policy 1
      [SRG-nat-policy-interzone-trust-untrust-outbound-1]action source-nat
      [SRG-nat-policy-interzone-trust-untrust-outbound-1]policy source 192.168.1.0 mask 24
      [SRG-nat-policy-interzone-trust-untrust-outbound-1]easy-ip GigabitEthernet 0/0/1

      [SRG-nat-policy-interzone-trust-untrust-outbound-1]quit
      [SRG-nat-policy-interzone-trust-untrust-outbound]quit

     用pc端ping

      

      PC>ping 100.1.1.1

      Ping 100.1.1.1: 32 data bytes, Press Ctrl_C to break
      From 100.1.1.1: bytes=32 seq=1 ttl=254 time=62 ms
      From 100.1.1.1: bytes=32 seq=2 ttl=254 time=63 ms
      From 100.1.1.1: bytes=32 seq=3 ttl=254 time=62 ms
      From 100.1.1.1: bytes=32 seq=4 ttl=254 time=63 ms
      From 100.1.1.1: bytes=32 seq=5 ttl=254 time=62 ms

      --- 100.1.1.1 ping statistics ---
      5 packet(s) transmitted
      5 packet(s) received
      0.00% packet loss
      round-trip min/avg/max = 62/62/63 ms

      PC>ping 1.1.1.1

      Ping 1.1.1.1: 32 data bytes, Press Ctrl_C to break
      From 1.1.1.1: bytes=32 seq=1 ttl=254 time=63 ms
      From 1.1.1.1: bytes=32 seq=2 ttl=254 time=78 ms
      From 1.1.1.1: bytes=32 seq=3 ttl=254 time=63 ms
      From 1.1.1.1: bytes=32 seq=4 ttl=254 time=62 ms
      From 1.1.1.1: bytes=32 seq=5 ttl=254 time=63 ms

      --- 1.1.1.1 ping statistics ---
      5 packet(s) transmitted
      5 packet(s) received
      0.00% packet loss
      round-trip min/avg/max = 62/65/78 ms

    实验完成

    杂念太多,必然根基浅薄
  • 相关阅读:
    强关联二维材料1T—TaS2晶体
    超薄二维Mo2C晶体
    稀有的二维狄拉克材料
    大自然中的几何植物
    字符串的内建函数
    python数据模型(特殊方法)
    插入排序
    下载谷歌浏览器(Chrome)扩展离线安装包crx文件最简单的方法
    33. 高精度练习之乘法
    32. 整数加法
  • 原文地址:https://www.cnblogs.com/starshine-zhp/p/12002251.html
Copyright © 2011-2022 走看看