亚洲乱码中文字幕综合,中国熟女仑乱hd,亚洲精品乱拍国产一区二区三区,一本大道卡一卡二卡三乱码全集资源,又粗又黄又硬又爽的免费视频

華為防火墻配置手冊 華為USG防火墻NAT配置

  發(fā)布時間:2014-08-22 10:09:10   作者:佚名   我要評論
今天小編為大家?guī)淼氖侨A為防火墻配置手冊(華為USG防火墻NAT配置),感興趣的朋友可以看一下

  • 14:14:00 2014/07/08

      • [FW-nat-policy-interzone-trust-untrust-outbound-0]policysource 10.0.2.0 0.0.0.2

      55

      14:14:26 2014/07/08

      [FW-nat-policy-interzone-trust-untrust-outbound-0]actionsource-nat

      14:14:37 2014/07/08

      [FW-nat-policy-interzone-trust-untrust-outbound-0]easy-ipg0/0/0

      14:14:51 2014/07/08

      [FW-nat-policy-interzone-trust-untrust-outbound-0]q

               配置完成后,驗證Trust區(qū)域與Untrust區(qū)域之間的訪問是否正常。

      <R2>ping 10.0.1.1

       PING 10.0.1.1: 56  data bytes,press CTRL_C to break

         Request time out

         Request time out

         Request time out

         Request time out

         Request time out

       

        ---10.0.1.1 ping statistics ---

          5packet(s) transmitted

          0packet(s) received

         100.00% packet loss

       

      <R2>ping -a 10.0.2.2 10.0.1.1

       PING 10.0.1.1: 56  data bytes,press CTRL_C to break

         Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=254 time=220 ms

         Reply from 10.0.1.1: bytes=56 Sequence=2 ttl=254 time=100 ms

         Reply from 10.0.1.1: bytes=56 Sequence=3 ttl=254 time=100 ms

         Reply from 10.0.1.1: bytes=56 Sequence=4 ttl=254 time=120 ms

         Reply from 10.0.1.1: bytes=56 Sequence=5 ttl=254 time=440 ms

       

        ---10.0.1.1 ping statistics ---

          5packet(s) transmitted

          5packet(s) received

         0.00% packet loss

         round-trip min/avg/max = 100/196/440 ms

               注意,這里直接測試與10.0.1.1之間的連通性,顯示不通。使用擴展ping,指定了發(fā)送數(shù)據(jù)包的源地址是10.0.2.2后,實現(xiàn)了連通性。原因是,直接發(fā)送數(shù)據(jù)包到10.0.1.1時,數(shù)據(jù)包的源地址到10.0.1.1時,數(shù)據(jù)包的源地址為10.0.20.2,該地址不屬于NAT轉(zhuǎn)換的客戶端地址范圍。

      步驟六.將內(nèi)網(wǎng)服務(wù)器10.0.3.3發(fā)布出去

               配置內(nèi)網(wǎng)服務(wù)器10.0.3.3的telnet服務(wù),映射到地址10.0.10.20

      [FW]nat server protocol tcp global10.0.10.20 telnet inside 10.0.3.3 telnet

       

               在R3上開啟Telnet功能,并在R1上測試,測試時需要注意,對外發(fā)布的地址為10.0.10.20,所以R1對10.0.3.3訪問時,訪問的目標(biāo)地址為10.0.10.20。

      [R3]user-interface vty 0 4

      [R3-ui-vty0-4]authentication-mode password

      Please configure the login password(maximum length 16):16

      [R3-ui-vty0-4]set authentication password ?

       cipher  Set the password withcipher text

      [R3-ui-vty0-4]set authentication passwordcip       

      [R3-ui-vty0-4]set authentication passwordcipher Huawei

      [R3-ui-vty0-4]user privilege level 3

      [R3-ui-vty0-4]q

       

      <R1>telnet 10.0.10.20

       Press CTRL_] to quit telnet mode

       Trying 10.0.10.20 ...

       Connected to 10.0.10.20 ...

       

      Login authentication

      本文出自 “思科實驗linux” 博客,請務(wù)必保留此出處http://1054054.blog.51cto.com/1044054/1437509

    相關(guān)文章

    最新評論