751华为850eu1000防火墙的配置文件.docx-资源下载

751华为850eu1000防火墙的配置文件.docx

1、751华为850eu1000防火墙的配置文件*7515的配置文件*telnetDCRS-7515#sh run!Building configuration.!Current configuration : 3386 bytes!ver 07.6.04cT53ip dont-use-acl!module 1 fi-2-port-gig-management-modulemodule 2 fi-2-port-gig-management-modulemodule 3 fi-24-port-copper-modulemodule 4 fi-8-port-gig-module!global-prot

2、ocol-vlan!vlan 1 name DEFAULT-VLAN by port!vlan 10 by port untagged ethe 1/2 ethe 3/11 to 3/24 ethe 4/1 to 4/6 router-interface ve 10!vlan 11 by port untagged ethe 2/1 to 2/2 router-interface ve 11 !vlan 12 by port untagged ethe 4/7 router-interface ve 12!vlan 30 by port untagged ethe 4/8 router-int

3、erface ve 30!vlan 188 by port tagged ethe 1/1 router-interface ve 188!vlan 13 by port untagged ethe 3/1 to 3/10 router-interface ve 13!system-max ip-cache 256000system-max vlan 512system-max virtual-interface 512!qos profile qosp3 57 qosp2 30 qosp1 10 qosp0 3 enable-acl-counterenable telnet password

4、 .enable super-user-password .ip access-policy 97 deny any any icmp ip access-policy 98 deny any any udp eq 5000ip access-policy 99 deny any any tcp eq 5000ip access-policy 100 deny any any tcp eq loc-srvip access-policy 101 deny any any udp eq loc-srvip access-policy 102 deny any any tcp eq profile

5、ip access-policy 103 deny any any udp eq profileip access-policy 104 deny any any tcp eq 137ip access-policy 105 deny any any udp eq netbios-nsip access-policy 106 deny any any tcp eq 138ip access-policy 107 deny any any udp eq netbios-dgmip access-policy 108 deny any any tcp eq netbios-ssnip access

6、-policy 109 deny any any tcp eq microsoft-dsip access-policy 110 deny any any udp eq microsoft-dsip access-policy 111 deny any any tcp eq http-rpc-epmapip access-policy 112 deny any any udp eq http-rpc-epmapip access-policy 113 deny any any tcp eq 4444ip access-policy 114 deny any any udp eq tftpip

7、access-policy 115 deny any any udp eq netbios-ssnip access-policy 116 deny any any tcp eq 6556 ip access-policy 117 deny any any tcp eq 1023ip access-policy 118 permit any any !ip route 0.0.0.0 0.0.0.0 192.168.1.2ip route 192.168.0.0 255.255.0.0 192.168.188.2!ip icmp burst-normal 5000 burst-max 1000

8、0 lockup 300ip tcp burst-normal 10 burst-max 100 lockup 300port-prioritysnmp-server community . rwsnmp-server community . rwsnmp-server community . rwsnmp-server community . rwsnmp-server community . rw!interface ethernet 1/1 gig-default neg-full-auto!interface ethernet 3/16 no spanning-tree!interfa

9、ce ethernet 4/1 gig-default auto-gig !interface ethernet 4/2 gig-default auto-gig!interface ve 10 ip address 192.168.1.1 255.255.255.0!interface ve 11 ip address 192.168.2.1 255.255.255.0!interface ve 12 ip address 192.168.3.1 255.255.255.0 ip access-policy-g in 97 to 118 ip access-policy-g out 97 t

10、o 118 !interface ve 13 ip address 192.168.5.1 255.255.255.240!interface ve 30 ip address 192.168.24.1 255.255.254.0 ip access-policy-g in 97 to 118 ip access-policy-g out 97 to 118 ! interface ve 188 ip address 192.168.188.1 255.255.255.252!ip access-list extended anti deny tcp any any eq loc-srv de

11、ny tcp any any eq 137 deny tcp any any eq netbios-ssn deny tcp any any eq microsoft-ds deny udp any any eq loc-srv deny udp any any eq netbios-ns deny udp any any eq netbios-ssn deny udp any any eq microsoft-ds!redundancy active-management 1!endtelnetDCRS-7515# *华为8500的配置*dis cu# config-version S850

12、0-VRP310-R1278P05# sysname WL_S8505# super password level 3 cipher 5C-2O#ENOQ=QMAF41!# local-server nas-ip 127.0.0.1 key huawei# Xbar load-single# router route-limit 128K router VRF-limit 256# anti-attack arp enable#radius scheme system server-type huawei primary authentication 127.0.0.1 1645 primar

13、y accounting 127.0.0.1 1646 user-name-format without-domain#domain system vlan-assignment-mode integer access-limit disable state active idle-cut disable self-service-url disable domain default enable system#local-user infowei level 3local-user wulianjiaowei service-type telnet level 1#acl number 30

14、00 rule 1 deny udp destination-port eq 135 rule 2 deny udp destination-port eq 136 rule 3 deny udp destination-port eq netbios-ns rule 4 deny udp destination-port eq netbios-dgm rule 5 deny udp destination-port eq netbios-ssn rule 7 deny udp destination-port eq 445 rule 8 deny udp destination-port e

15、q 539 rule 9 deny udp destination-port eq 593rule 10 deny udp destination-port eq 1434 rule 11 deny tcp destination-port eq 135 rule 12 deny tcp destination-port eq 136 rule 13 deny tcp destination-port eq 137 rule 14 deny tcp destination-port eq 138 rule 15 deny tcp destination-port eq 139 rule 16

16、deny tcp destination-port eq 445 rule 17 deny tcp destination-port eq 539 rule 18 deny tcp destination-port eq 593 rule 19 deny tcp destination-port eq 1434 rule 20 deny tcp destination-port eq 4444 rule 21 deny tcp destination-port eq 5554 rule 22 deny tcp destination-port eq 9995 rule 23 deny tcp

17、destination-port eq 9996# vlan 1 # vlan 2 description TO_ERZHONG # vlan 3 description TO_SANZHONG # vlan 4 description TO_HONGNING # vlan 5 description TO_HONGXIAO # vlan 6 description TO_TEXIAO # vlan 8 description TO_ZHIXIAO # vlan 11 description TO_MOXIAO # vlan 12 description TO_HEXI_FENXIAO #vl

18、an 13 description TO_ZHIJIAOZHONGXIN#vlan 17 description TO_SHICHANG#vlan 18 description TO_TONGSU#vlan 100 description TO_YIZHONG#vlan 188 description TO_JIAOWEI7515#vlan 2071 description TO_DONGBU_SCHOOL#vlan 2076 description TO_JIETOU#vlan 2178 description TO_ZHONGZHI#vlan 2181 description TO_WAN

19、GHU_CHUZHONG#vlan 2183 description TO_BEIXIAN#vlan 2216 description TO_WANGSHITUAN#interface Vlan-interface2 ip address 192.168.8.1 255.255.254.0#interface Vlan-interface3 ip address 192.168.10.1 255.255.254.0 ip address 192.168.73.1 255.255.254.0 sub ip address 192.168.76.1 255.255.254.0 sub#interf

20、ace Vlan-interface4 ip address 192.168.12.1 255.255.254.0#interface Vlan-interface5 ip address 192.168.14.1 255.255.254.0#interface Vlan-interface6 ip address 192.168.16.1 255.255.254.0#interface Vlan-interface8 ip address 192.168.20.1 255.255.254.0 #interface Vlan-interface11 ip address 192.168.58.

21、1 255.255.254.0#interface Vlan-interface12 ip address 192.168.22.1 255.255.254.0#interface Vlan-interface13 ip address 192.168.26.1 255.255.254.0#interface Vlan-interface17 ip address 192.168.36.1 255.255.254.0 ip address 192.168.98.1 255.255.254.0 sub#interface Vlan-interface18 ip address 192.168.3

22、8.1 255.255.254.0#interface Vlan-interface100 ip address 192.168.6.1 255.255.255.248#interface Vlan-interface188 ip address 192.168.188.2 255.255.255.252 #interface Vlan-interface2071 ip address 192.168.18.1 255.255.254.0 ip address 192.168.60.1 255.255.254.0 sub ip address 192.168.74.1 255.255.254.

23、0 sub ip address 192.168.84.1 255.255.254.0 sub ip address 192.168.92.1 255.255.254.0 sub ip address 192.168.94.1 255.255.254.0 sub ip address 192.168.96.1 255.255.254.0 sub ip address 192.168.100.1 255.255.254.0 sub ip address 192.168.116.1 255.255.254.0 sub ip address 192.168.118.1 255.255.254.0 s

24、ub ip address 192.168.120.1 255.255.254.0 sub#interface Vlan-interface2076 ip address 192.168.34.1 255.255.254.0 ip address 192.168.68.1 255.255.254.0 sub ip address 192.168.90.1 255.255.254.0 sub#interface Vlan-interface2178 ip address 192.168.32.1 255.255.254.0 ip address 192.168.48.1 255.255.254.

25、0 sub ip address 192.168.50.1 255.255.254.0 sub ip address 192.168.66.1 255.255.254.0 sub#interface Vlan-interface2181 ip address 192.168.28.1 255.255.254.0 ip address 192.168.64.1 255.255.254.0 sub ip address 192.168.78.1 255.255.254.0 sub ip address 192.168.110.1 255.255.254.0 sub ip address 192.1

26、68.114.1 255.255.254.0 sub#interface Vlan-interface2183 ip address 192.168.30.1 255.255.254.0 ip address 192.168.62.1 255.255.254.0 sub ip address 192.168.102.1 255.255.254.0 sub ip address 192.168.104.1 255.255.254.0 sub ip address 192.168.106.1 255.255.254.0 sub ip address 192.168.108.1 255.255.25

27、4.0 sub ip address 192.168.112.1 255.255.254.0 sub#interface Vlan-interface2216 ip address 192.168.80.1 255.255.254.0 ip address 192.168.82.1 255.255.254.0 sub ip address 192.168.86.1 255.255.254.0 sub ip address 192.168.88.1 255.255.254.0 sub#interface Aux0/0/1#interface M-Ethernet0/0/0#interface E

28、thernet2/1/1 description TO_YIZHONG port access vlan 100 packet-filter inbound ip-group 3000 rule 1 system-index 45 packet-filter inbound ip-group 3000 rule 2 system-index 46 packet-filter inbound ip-group 3000 rule 3 system-index 47 packet-filter inbound ip-group 3000 rule 4 system-index 48 packet-

29、filter inbound ip-group 3000 rule 5 system-index 49 packet-filter inbound ip-group 3000 rule 7 system-index 50 packet-filter inbound ip-group 3000 rule 8 system-index 51 packet-filter inbound ip-group 3000 rule 9 system-index 52 packet-filter inbound ip-group 3000 rule 10 system-index 53 packet-filt

30、er inbound ip-group 3000 rule 11 system-index 54 packet-filter inbound ip-group 3000 rule 12 system-index 55 packet-filter inbound ip-group 3000 rule 13 system-index 56 packet-filter inbound ip-group 3000 rule 14 system-index 57 packet-filter inbound ip-group 3000 rule 15 system-index 58 packet-filter inbound ip-group 3000 rule 16 system-index 59 packet-filter inbound ip-group 3000 rule 17 system-index 60 packet-filter inbound ip-gr

邮箱/手机：
温馨提示：	快捷下载时，用户名和密码都是您填写的邮箱或者手机号，方便查询和重复下载（系统自动生成）。如填写123，账号就是123，密码也是123。
特别说明：	请自助下载，系统不会自动发送文件的哦；如果您已付费，想二次下载，请登录后访问：我的下载记录
支付方式：
验证码：	换一换

账号：
密码：
验证码：	换一换
当日自动登录忘记密码？