监控安装 ERP

系统集成论坛

 找回密码
 注册通行证

QQ登录

只需一步,快速开始

路由器交换机防火墙系统集成商城 优质产品采购平台
查看: 2540|回复: 2
打印 上一主题 下一主题

华赛防火墙双线配置

  [复制链接]

0

主题

7

帖子

16

积分

实习生

QQ
跳转到指定楼层
1
发表于 2010-8-31 13:43:42 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
华为金牌代理
#
acl number 2001
description for netcome
rule 0 permit source 10.10.0.0 0.0.255.255
acl number 2002
description for telcom
rule 0 permit source 10.10.0.0 0.0.255.255
#
acl number 3001
rule 0 permit ip source 10.10.0.0 0.0.255.255
rule 5 permit ip destination 10.10.0.0 0.0.255.255
rule 10 permit tcp source 10.10.0.0 0.0.255.255
rule 15 permit tcp destination 10.10.0.0 0.0.255.255
rule 20 permit udp source 10.10.0.0 0.0.255.255
rule 25 permit udp destination 10.10.0.0 0.0.255.255
rule 26 permit gre source 10.10.0.0 0.0.255.255
rule 27 permit gre destination 10.10.0.0 0.0.255.255
rule 30 permit icmp
rule 35 permit igmp
rule 40 permit ipinip
acl number 3002
rule 0 permit tcp source 10.10.0.0 0.0.255.255
rule 5 permit udp source 10.10.0.0 0.0.255.255
rule 10 permit udp destination 10.10.0.0 0.0.255.255
rule 15 permit tcp destination 10.10.0.0 0.0.255.255
rule 20 permit ip source 10.10.0.0 0.0.255.255
rule 25 permit ip destination 10.10.0.0 0.0.255.255
#
sysname tianyangtian
#
web-manager enable
web-manager security enable
#
firewall packet-filter default permit interzone local trust direction inbound
firewall packet-filter default permit interzone local trust direction outbound
firewall packet-filter default permit interzone local untrust direction inbound
firewall packet-filter default permit interzone local untrust direction outbound
firewall packet-filter default permit interzone local telcom direction inbound
firewall packet-filter default permit interzone local telcom direction outbound
#
nat address-group 11 ###########################
nat address-group 12 ###########################

bypass switch-back auto
#
undo firewall statistic system enable
undo firewall session link-state check   
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet2/0/0
description to_huangcheng
ip address 192.168.8.2 255.255.255.252
ip address ###########################  ###########################
#
interface Ethernet2/0/1
#
interface Ethernet2/0/2
#
interface Ethernet2/0/3
#
interface GigabitEthernet1/0/0
description to_lijing
ip address ###########################
ip address ###########################
#
interface GigabitEthernet1/0/1
description to_BAS
ip address 172.31.16.1 255.255.255.0
#
interface NULL0
#
firewall zone local
set priority 100
#
firewall zone trust
set priority 85
add interface GigabitEthernet1/0/1
#
firewall zone untrust
set priority 5
add interface GigabitEthernet1/0/0
#
firewall zone dmz
set priority 50
#                                         
firewall zone vzone
set priority 0
#
firewall zone name telcom
set priority 80
add interface Ethernet2/0/0
#
firewall interzone trust untrust
firewall long-link 3002 inbound
firewall long-link 3002 outbound
packet-filter 3001 inbound
packet-filter 3001 outbound
nat outbound 2001 address-group 12
detect ftp
detect pptp
detect http
detect rtsp
#
firewall interzone trust telcom
firewall long-link 3002 inbound
firewall long-link 3002 outbound
packet-filter 3001 inbound
packet-filter 3001 outbound              
nat outbound 2002 address-group 11
detect ftp
detect pptp
detect http
detect rtsp
#
aaa
local-user ###########################
local-user ###########################
local-user admin level 3
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
#
slb
#

snmp-agent
snmp-agent local-engineid 000007DB7F000001000024C8
snmp-agent community read  etns
snmp-agent community read  LEEmike0202
snmp-agent sys-info version all
#
user-interface con 0
user-interface aux 0
authentication-mode none
user-interface vty 0 4                    
authentication-mode aaa
#
return

评分

1

查看全部评分

0

主题

7

帖子

16

积分

实习生

QQ
2
 楼主| 发表于 2010-9-1 15:27:29 | 只看该作者
华为金牌代理
路由表一个默认的走网通,找一些静态的大网段指向电信就可以了.
走自己的路 让别人跟我走
3
发表于 2013-12-17 17:04:58 | 只看该作者
华为金牌代理
不错啊,感谢分享。
我分享,我成长!系统集成 XTJC.COM
您需要登录后才可以回帖 登录 | 注册通行证

本版积分规则

联系我们| 手机版|系统集成论坛 ( 京ICP备11008917号 )

GMT+8, 2024-11-18 17:43 , Processed in 0.272493 second(s), 25 queries .

系统集成论坛

BBS.XTJC.COM

快速回复 返回顶部 返回列表