求h3c secpath f100-s 固定ip配置模版

2024-12-02 03:09:42

推荐回答（3个）

回答1：

假设你外网固定IP是221.228.255.1
ip nat pool poola 221.228.255.1 netmask 255.255.255.0
ip nat inside source list 1 pool poola
access-list 1 permit 192.168.1.0 0.0.0.255
另外还要说明一下外网接口和内网接口

回答2：

[H3C]dis cu
#
sysname H3C
#
firewall packet-filter enable
firewall packet-filter default permit
#
undo connection-limit enable
connection-limit default deny
connection-limit default amount upper-limit 50 lower-limit 20
#
firewall statistic system enable
#
radius scheme system
#
domain system
#
acl number 3000
rule 0 permit ip source 10.2.137.0 0.0.0.255
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address 10.1.5.50 255.255.255.252
nat outbound 3000
#
interface Ethernet0/1
ip address 10.2.137.1 255.255.255.0
#
interface Ethernet0/2
#
interface Ethernet0/3
#
interface Encrypt1/0
#
interface NULL0
#
firewall zone local
set priority 100
#
firewall zone trust
add interface Ethernet0/1
set priority 85
#
firewall zone untrust
add interface Ethernet0/0
set priority 5
#
firewall zone DMZ
set priority 50
#
firewall interzone local trust
#
firewall interzone local untrust
#
firewall interzone local DMZ
#
firewall interzone trust untrust
#
firewall interzone trust DMZ
#
firewall interzone DMZ untrust
#
ip route-static 0.0.0.0 0.0.0.0 10.1.5.49 preference 60
#
firewall defend ip-spoofing
firewall defend land
firewall defend smurf
firewall defend fraggle
firewall defend winnuke
firewall defend icmp-redirect
firewall defend icmp-unreachable
firewall defend source-route
firewall defend route-record
firewall defend tracert
firewall defend ping-of-death
firewall defend tcp-flag
firewall defend ip-fragment
firewall defend large-icmp
firewall defend teardrop
firewall defend ip-sweep
firewall defend port-scan
firewall defend arp-spoofing
firewall defend arp-reverse-query
firewall defend arp-flood
firewall defend frag-flood
firewall defend syn-flood enable
firewall defend udp-flood enable
firewall defend icmp-flood enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
[H3C]

很早以前的一个了，命令行大概没有改变。

回答3：

10分就打发了哦。

100分，给你一个配置模板。