收藏
下载资源下载资源 加入VIP,免费下载

H3C F00C防火墙配置IPSEC VPN+PPPOE.docx

上传人:b****6 文档编号:4324096 上传时间:2022-11-29 格式:DOCX 页数:13 大小:15.58KB
下载 相关 举报
H3C F00C防火墙配置IPSEC VPN+PPPOE.docx_第1页
第1页 / 共13页
H3C F00C防火墙配置IPSEC VPN+PPPOE.docx_第2页
第2页 / 共13页
H3C F00C防火墙配置IPSEC VPN+PPPOE.docx_第3页
第3页 / 共13页
H3C F00C防火墙配置IPSEC VPN+PPPOE.docx_第4页
第4页 / 共13页
H3C F00C防火墙配置IPSEC VPN+PPPOE.docx_第5页
第5页 / 共13页
点击查看更多>>
下载资源
资源描述

H3C F00C防火墙配置IPSEC VPN+PPPOE.docx

《H3C F00C防火墙配置IPSEC VPN+PPPOE.docx》由会员分享,可在线阅读,更多相关《H3C F00C防火墙配置IPSEC VPN+PPPOE.docx(13页珍藏版)》请在冰豆网上搜索。

H3C F00C防火墙配置IPSEC VPN+PPPOE.docx

H3CF00C防火墙配置IPSECVPN+PPPOE

[GGGXNanNing]discur

#

sysnameGGGXNanNing

#

clocktimezonebeijingadd08:

00:

00

#

ikelocal-nameGGGXNanNing

#

firewallpacket-filterenable

firewallpacket-filterdefaultpermit

#

insulate

#

dialer-rule1ippermit

#

firewallstatisticsystemenable

#

DNSresolve

DNSserver219.141.136.10

DNSserver219.150.32.132

DNSserver221.5.88.88

DNS-proxyenable

#

radiusschemesystem

server-typeextended

#

domainsystem

#

local-useradmin

passwordcipher%=H"2a4C5);Q=^Q`MAF4<1!

!

service-typetelnetterminal

level3

service-typeftp

local-usercroco

passwordcipher%=H"2a4C5);Q=^Q`MAF4<1!

!

service-typetelnet

level3

local-usergonggu

passwordsimplegg2009

service-typetelnetterminal

level3

local-userlibin

passwordcipher-[Z17,-WZX;Q=^Q`MAF4<1!

!

service-typetelnet

level3

#

ikedpd1

#

ikepeerg_bjdc

exchange-modeaggressive

pre-shared-keygonggu

id-typename

remote-namebjdc

remote-address219.141.188.57

nattraversal

dpd1

#

ikepeerg_shenzhen

exchange-modeaggressive

pre-shared-keygonggu

id-typename

remote-nameshenzhen

remote-address121.35.247.177

nattraversal

dpd1

#

ipsecproposalesp-md5-des

#

ipsecpolicyikepol1isakmp

securityacl3000

pfsdh-group1

ike-peerg_bjdc

proposalesp-md5-des

#

ipsecpolicyikepol2isakmp

securityacl3001

pfsdh-group1

ike-peerg_shenzhen

proposalesp-md5-des

#

dhcpserverip-poollan

network10.80.151.0mask255.255.255.0

gateway-list10.80.151.254

dns-list10.2.1.110.2.1.261.139.2.69

#

aclnumber3000

rule10permitipsource10.80.151.00.0.0.255destination10.0.0.00.63.255.25

5logging

rule20denyiplogging

aclnumber3001

rule10permitipsource10.80.151.00.0.0.255destination10.80.0.00.0.127.25

5logging

rule20denyiplogging

aclnumber3002

rule10denyipsource10.80.151.00.0.0.255destination10.0.0.00.63.255.255

logging

rule20denyipsource10.80.151.00.0.0.255destination10.80.0.00.0.127.255

logging

rule30permitipsource10.80.151.00.0.0.255

#

interfaceAux0

asyncmodeflow

#

interfaceDialer1

link-protocolppp

0771*******

mtu1400

tcpmss1300

ipaddressppp-negotiate

dialeruserfh

dialer-group1

dialerbundle1

natoutbound3002

ipsecpolicyikepol

#

interfaceEthernet0/0

ipaddress10.80.151.254255.255.255.0

#

interfaceEthernet0/1

#

interfaceEthernet0/2

#

interfaceEthernet0/3

#

interfaceEthernet0/4

speed10

duplexfull

pppoe-clientdial-bundle-number1

mtu1370

tcpmss1340

ipaddressdhcp-alloc

#

interfaceEncrypt1/0

#

interfaceNULL0

#

firewallzonelocal

setpriority100

#

firewallzonetrust

addinterfaceEthernet0/0

setpriority85

#

firewallzoneuntrust

addinterfaceEthernet0/4

addinterfaceDialer1

setpriority5

#

firewallzoneDMZ

setpriority50

#

firewallinterzonelocaltrust

#

firewallinterzonelocaluntrust

#

firewallinterzonelocalDMZ

#

firewallinterzonetrustuntrust

#

firewallinterzonetrustDMZ

#

firewallinterzoneDMZuntrust

#

ddns-server3322.org

ddnsusernameguangxi01

ddnspassword88888888

ddnsdomainnameguangxi01.3322.org

ddnssource-interfaceDialer1

#

FTPserverenable

#

dhcpserverforbidden-ip10.80.151.20010.80.151.254

#

iproute-static0.0.0.00.0.0.0Dialer1preference60

#

user-interfacecon0

user-interfaceaux0

user-interfacevty04

authentication-modescheme

#

return

[GGGXNanNing]

********************************************************************************

*Copyright(c)2004-2009HangzhouH3CTechnologiesCo.,Ltd.Allrightsreserve

d.*

*Withouttheowner'spriorwrittenconsent,*

*nodecompilingorreverse-engineeringshallbeallowed.*

********************************************************************************

Userinterfacecon0isavailable.

PleasepressENTER.

%Nov917:

03:

55:

7562010GGGXNanNingSHELL/4/LOGIN:

Consoleloginfromcon0

discur

#

sysnameGGGXNanNing

#

clocktimezonebeijingadd08:

00:

00

#

ikelocal-nameGGGXNanNing

#

firewallpacket-filterenable

firewallpacket-filterdefaultpermit

#

insulate

#

dialer-rule1ippermit

#

firewallstatisticsystemenable

#

DNSresolve

DNSserver219.141.136.10

DNSserver219.150.32.132

DNSserver221.5.88.88

DNS-proxyenable

#

radiusschemesystem

server-typeextended

#

domainsystem

#

local-useradmin

passwordcipher%=H"2a4C5);Q=^Q`MAF4<1!

!

service-typetelnetterminal

level3

service-typeftp

local-usercroco

passwordcipher%=H"2a4C5);Q=^Q`MAF4<1!

!

service-typetelnet

level3

local-usergonggu

passwordsimplegg2009

service-typetelnetterminal

level3

local-userlibin

passwordcipher-[Z17,-WZX;Q=^Q`MAF4<1!

!

service-typetelnet

level3

#

ikedpd1

#

ikepeerg_bjdc

exchange-modeaggressive

pre-shared-keygonggu

id-typename

remote-namebjdc

remote-address219.141.188.57

nattraversal

dpd1

#

ikepeerg_shenzhen

exchange-modeaggressive

pre-shared-keygonggu

id-typename

remote-nameshenzhen

remote-address121.35.247.177

nattraversal

dpd1

#

ipsecproposalesp-md5-des

#

ipsecpolicyikepol1isakmp

securityacl3000

pfsdh-group1

ike-peerg_bjdc

proposalesp-md5-des

#

ipsecpolicyikepol2isakmp

securityacl3001

pfsdh-group1

ike-peerg_shenzhen

proposalesp-md5-des

#

dhcpserverip-poollan

network10.80.151.0mask255.255.255.0

gateway-list10.80.151.254

dns-list10.2.1.110.2.1.261.139.2.69

#

aclnumber3000

rule10permitipsource10.80.151.00.0.0.255destination10.0.0.00.63.255.25

5logging

rule20denyiplogging

aclnumber3001

rule10permitipsource10.80.151.00.0.0.255destination10.80.0.00.0.127.25

5logging

rule20denyiplogging

aclnumber3002

rule10denyipsource10.80.151.00.0.0.255destination10.0.0.00.63.255.255

logging

rule20denyipsource10.80.151.00.0.0.255destination10.80.0.00.0.127.255

logging

rule30permitipsource10.80.151.00.0.0.255

#

interfaceAux0

asyncmodeflow

#

interfaceDialer1

link-protocolppp

0771*******

mtu1400

tcpmss1300

ipaddressppp-negotiate

dialeruserfh

dialer-group1

dialerbundle1

natoutbound3002

ipsecpolicyikepol

#

interfaceEthernet0/0

ipaddress10.80.151.254255.255.255.0

#

interfaceEthernet0/1

#

interfaceEthernet0/2

#

interfaceEthernet0/3

#

interfaceEthernet0/4

speed10

duplexfull

pppoe-clientdial-bundle-number1

mtu1370

tcpmss1340

ipaddressdhcp-alloc

#

interfaceEncrypt1/0

#

interfaceNULL0

#

firewallzonelocal

setpriority100

#

firewallzonetrust

addinterfaceEthernet0/0

setpriority85

#

firewallzoneuntrust

addinterfaceEthernet0/4

addinterfaceDialer1

setpriority5

#

firewallzoneDMZ

setpriority50

#

firewallinterzonelocaltrust

#

firewallinterzonelocaluntrust

#

firewallinterzonelocalDMZ

#

firewallinterzonetrustuntrust

#

firewallinterzonetrustDMZ

#

firewallinterzoneDMZuntrust

#

ddns-server3322.org

ddnsusernameguangxi01

ddnspassword88888888

ddnsdomainnameguangxi01.3322.org

ddnssource-interfaceDialer1

#

FTPserverenable

#

dhcpserverforbidden-ip10.80.151.20010.80.151.254

#

iproute-static0.0.0.00.0.0.0Dialer1preference60

#

user-interfacecon0

user-interfaceaux0

user-interfacevty04

authentication-modescheme

#

return

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > 初中教育 > 科学

copyright@ 2008-2022 冰豆网网站版权所有

经营许可证编号:鄂ICP备2022015515号-1