1rulepermiticmpsourcea
ydesti
atio
a
yicmptypeechoreplyQuidwayacl102Quidwayacl102rulepermitipsource100010000desti
atio
2020010000Quidwayacl102rulede
yipsourcea
ydesti
atio
a
yQuidwayacl103
Quidwayacl103rulepermittcpsourcea
ydesti
atio
100010000desti
atio
portequalftp
Quidwayacl103rulepermittcpsourcea
ydesti
atio
100020000desti
atio
portequalwww
fQuidwayfirewalle
ableQuidwayfirewalldefaultpermitde
yQuidwayi
te0QuidwayEther
et0firewallpacketfilter101i
bou
doutbou
d十、华为路由器交换机配置命令:地址转换配置举例Quidwayfirewalle
ableQuidwayfirewalldefaultpermitQuidwayacl101内部指定主机可以进入e0Quidwayacl101rulede
yipsourcea
ydesti
atio
a
yQuidwayacl101rulepermitipsource12938110desti
atio
a
yQuidwayacl101rulepermitipsource12938120desti
atio
a
yQuidwayacl101rulepermitipsource12938130desti
atio
a
yQuidwayacl101rulepermitipsource12938140desti
atio
a
yQuidwayacl101quitQuidwayi
te0QuidwayEther
et0firewallpacketfilter101i
bou
dQuidwayacl102外部特定主机和大于1024端口的数据包允许进入S0Quidwayacl102rulede
yipsourcea
ydesti
atio
a
yQuidwayacl102rulepermittcpsource20239230desti
atio
2023816010
Quidwayacl102rulepermittcpsourcea
ydesti
atio
2023816010desti
atio
portgreattha
1024Quidwayacl102quitQuidwayi
ts0QuidwaySerial0firewallpacketfilter102i
bou
d设202381601是路由器出口IP。QuidwaySerial0
atoutbou
d101i
terface是Easyip,将acl101允许的IP从本接口出时变换源地址。十一、华为路由器交换机配置命令:内部服务器地址转换配置命令静态
at:
f
atserverglobalporti
sideportprotocolglobal_port不写时使用i
side_portQuidwaySerial0
atserverglobal202381601i
side1293811ftptcpQuidwaySerial0
atserverglobal202381601i
side1293812tel
ettcpQuidwaySerial0
atserverglobal202381601i
side1293813wwwtcp设有公网IP:2023816010120238160103可以使用。对外访问原例题Quidway
ataddressgroup2023816010120238160103pool1建立地址池Quidwayacl1Quidwayacl1rulepermitsource10110100000255指定允许的内部网络Quidwayacl1rulede
ysourcea
yQuidwayacl1i
tserial0QuidwaySerial0
atoutbou
d1addressgrouppool1在s0口从地址池取出IP对外访问QuidwaySerial0
atserverglobal20238160101i
side10110101ftptcpQuidwaySerial0
atserverglobal20238160102i
side10110102wwwtcpQuidwaySerial0
atserverglobal202381601028080i
side10110103wwwtcpQuidwaySerial0
atserverglobal20238160103i
side10110104smtpudp华为路由器交换机配置命令:PPP设置:Quidways0li
kprotocolppp默认的协议十二、华为路由器交换机配置命令:PPP验证:主验方:papchapQuidwaylocaluserq2passwordsimplecipherhello路由器1Quidwayi
terfaceserial0r
