#
vlan batch 99 103
hrp enable
hrp interface GigabitEthernet1/0/2 remote 12.1.1.2
interface GigabitEthernet0/0/0
undo shutdown
ip binding vpn-instance default
alias GE0/METH
#
interface GigabitEthernet1/0/0 //进入接口
undo shutdown //开启端口
ip address 10.1.1.2 255.255.255.252 //配置ip
service-manage http permit //放行http协议
service-manage https permit //放行https协议
service-manage ping permit //放行ping协议
service-manage ssh permit //放行ssh协议
service-manage snmp permit //放行snmp协议
service-manage telnet permit //放行telnet协议
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.1.14 255.255.255.252
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 12.1.1.1 255.255.255.252
service-manage http permit //放行http协议
service-manage https permit //放行https协议
service-manage ping permit //放行ping协议
service-manage ssh permit //放行ssh协议
service-manage snmp permit //放行snmp协议
service-manage telnet permit //放行telnet协议
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 30.1.0.1 255.255.255.252
service-manage http permit //放行http协议
service-manage https permit //放行https协议
service-manage ping permit //放行ping协议
service-manage ssh permit //放行ssh协议
service-manage snmp permit //放行snmp协议
service-manage telnet permit //放行telnet协议
#
interface GigabitEthernet1/0/4
undo shutdown
ip address 40.1.0.1 255.255.255.252
service-manage http permit //放行http协议
service-manage https permit //放行https协议
service-manage ping permit //放行ping协议
service-manage ssh permit //放行ssh协议
service-manage snmp permit //放行snmp协议
service-manage telnet permit //放行telnet协议
#
interface GigabitEthernet1/0/5
undo shutdown
#
interface GigabitEthernet1/0/6
undo shutdown
interface LoopBack0 //进入环回口
ip address 11.1.1.1 255.255.255.255 //配置环回地址
firewall zone local
set priority 100
#
firewall zone trust //进入trust区域
set priority 85 //区域优先级
add interface GigabitEthernet0/0/0 //把端口加入区域
add interface GigabitEthernet1/0/0
add interface GigabitEthernet1/0/1
#
firewall zone untrust //进入untrust区域
set priority 5 //区域优先级
add interface GigabitEthernet1/0/3 //端口加入
add interface GigabitEthernet1/0/4
#
firewall zone dmz
set priority 50
add interface GigabitEthernet1/0/2
#
ospf 10 //配置ospf
area 0.0.0.1 //进入区域1
network 10.1.1.2 0.0.0.0
network 10.1.1.14 0.0.0.0 //宣告文档
network 11.1.1.1 0.0.0.0
network 30.1.0.1 0.0.0.0
network 40.1.0.1 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 30.1.0.2 //配置静态路由
ip route-static 0.0.0.0 0.0.0.0 40.1.0.2
#
security-policy //进入安全视图
rule name any
action permit
rule name permit //配置策略名为permit
source-zone dmz //匹配源区域为dmz
source-zone local //匹配源区域为local
source-zone trust //匹配源区域为trust
source-zone untrust //匹配源区域为untrust
destination-zone dmz //匹配目地区域为dmz
destination-zone local //匹配目地区域为local
destination-zone trust //匹配目地区域为trust
destination-zone untrust //匹配目地区域为untrust
action permit
#
return
拓扑.zip
需积分: 0 11 浏览量
2023-12-27
12:58:36
上传
评论
收藏 45KB ZIP 举报
2301_82253728
- 粉丝: 0
- 资源: 1
最新资源
- 学生成绩管理系统c++ (代码).zip
- c语言学生管理系统-项目代码资料.zip
- 课程设计机器学习报告,垃圾分类系统.zip
- app-release.apk.zip
- python-leetcode面试题解之第421题数组中两个数的最大异或值.zip
- python-leetcode面试题解之第416题分割等和子集.zip
- python-leetcode面试题解之第414题第三大的数.zip
- python-leetcode面试题解之第412题Fizz-Buzz.zip
- python-leetcode面试题解之第409题最长回文串.zip
- python-leetcode面试题解之第408题有效单词缩写.zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈