静态NAT+Telnet配置
dis cu //
#
sysname R1 //
#
undo info-center enable //
#
aaa //
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
firewall zone Local
priority 16
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Serial0/0/0
link-protocol ppp
#
interface Serial0/0/1
link-protocol ppp
#
interface Serial0/0/2
link-protocol ppp
#
interface Serial0/0/3
link-protocol ppp
#
interface GigabitEthernet0/0/0 //
ip address 202.10.1.2 255.255.255.248 //
nat static global 202.10.1.3 inside 10.1.1.2 netmask 255.255.255.255 //
nat static global 202.10.1.4 inside 10.1.2.2 netmask 255.255.255.255 //
nat static global 202.10.1.5 inside 10.1.3.2 netmask 255.255.255.255 //
#
interface GigabitEthernet0/0/1 //
ip address 10.1.1.1 255.255.255.0 //
#
interface GigabitEthernet0/0/2 //
ip address 10.1.2.1 255.255.255.0 //
#
interface GigabitEthernet0/0/3 //
ip address 10.1.3.1 255.255.255.0 //
#
wlan
#
interface NULL0
#
ospf 1 //
area 0.0.0.0 //
network 202.10.1.0 0.0.0.255 //
network 10.1.1.0 0.0.0.255 //
network 10.1.2.0 0.0.0.255 //
network 10.1.3.0 0.0.0.255 //
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return
dis cu //
#
sysname R2 //
#
undo info-center enable //
#
acl number 2000 //
rule 5 permit source 10.1.1.2 0 //
rule 10 deny //
#
aaa //
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher SA>!,p*-7Z]@l3D+mKgUzz+# //密码加密了
local-user admin service-type telnet //
#
firewall zone Local
priority 16
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Serial0/0/0
link-protocol ppp
#
interface Serial0/0/1
link-protocol ppp
#
interface Serial0/0/2
link-protocol ppp
#
interface Serial0/0/3
link-protocol ppp
#
interface GigabitEthernet0/0/0 //
ip address 202.10.1.1 255.255.255.248 //
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
wlan
#
interface NULL0
#
ospf 1 //
area 0.0.0.0 //
network 202.10.1.0 0.0.0.255 //
#
user-interface con 0
user-interface vty 0 4 //
acl 2000 inbound //
authentication-mode aaa //
user privilege level 2 //
user-interface vty 16 20 //
#
return
命令:
R1:
[Huawei]sysname R1
[R1]un in en
Info: Information center is disabled.
[R1]interface GigabitEthernet0/0/0
[R1-GigabitEthernet0/0/0]ip a
[R1-GigabitEthernet0/0/0]ip address 202.10.1.2 29
[R1-GigabitEthernet0/0/0]q
[R1]interface GigabitEthernet0/0/1
[R1-GigabitEthernet0/0/1]ip a
[R1-GigabitEthernet0/0/1]ip address 10.1.1.1 24
[R1-GigabitEthernet0/0/1]q
[R1]interface GigabitEthernet0/0/2
[R1-GigabitEthernet0/0/2]ip address 10.1.2.1 24
[R1]int
[R1]interface GigabitEthernet0/0/3
[R1-GigabitEthernet0/0/3]ip address 10.1.3.1 24
[R1]ospf
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 202.10.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.1.2.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.1.3.0 0.0.0.255
[R1]interface GigabitEthernet0/0/0
[R1-GigabitEthernet0/0/0]nat static global 202.10.1.3 inside 10.1.1.2
[R1-GigabitEthernet0/0/0]nat static global 202.10.1.4 inside 10.1.2.2
[R1-GigabitEthernet0/0/0]nat static global 202.10.1.5 inside 10.1.3.2
R2:
[Huawei]sysname R2
[R2]un in en
Info: Information center is disabled.
[R2]interface GigabitEthernet0/0/0
[R2-GigabitEthernet0/0/0]ip address 202.10.1.1 29
[R2-ospf-1-area-0.0.0.0]network 202.10.1.0 0.0.0.7
[R2]user-interface vty 0 4
[R2-ui-vty0-4]user privilege level 2
[R2-ui-vty0-4]authentication-mode aaa
[R2]aaa
[R2-aaa]local-user admin password cipher admin
[R2-aaa]local-user admin service-type telnet
[R2]acl 2001
[R2-acl-basic-2001]rule 10 permit source 10.1.1.2 0.0.0.255
[R2-acl-basic-2001]rule 15 deny source any
[R2-acl-basic-2001]q
[R2]user-interface vty 0 4
[R2-ui-vty0-4]acl 2001 inbound
[R2-ui-vty0-4]q
[R2]display acl 2001
Basic ACL 2001, 2 rules
ACL's step is 5
rule 10 permit source 10.1.1.0 0.0.0.255 (0 times matched)
rule 15 deny (0 times matched)
[R2]
共有 0 条评论