文档介绍:This model paper was revised by the Standardization Office on December 10, 2020
C防火墙配置实例
本文为大家介绍一个H3C防火墙的配 This model paper was revised by the Standardization Office on December 10, 2020
C防火墙配置实例
本文为大家介绍一个H3C防火墙的配置实例,配置内容包括:配置接口IP地址、配置区域、配置NAT地址转换、配置访问策略等,组网拓扑及需求如下。
1、网络拓扑图
2、配置要求
3、防火墙的配置脚本如下
<H3CF100A>discur
#
sysnameH3CF100A
#
superpasswordlevel3cipher6aQ>Q57-$.I)0;4:\(I41!!!
#
firewallpacket-filterenable
firewallpacket-filterdefaultpermit
#
insulate
#
natstaticinsideipglobalip
natstaticinsideipglobalip
#
firewallstatisticsystemenable
#
radiusschemesystem
server-typeextended
#
domainsystem
#
local-usernet1980
passwordcipher######
service-typetelnet
level2
#
aspf-policy1
detecth323
detectsqlnet
detectrtsp
detecthttp
detectsmtp
detectftp
detecttcp
detectudp
#
objectaddress
objectaddress
#
aclnumber3001
descriptionout-inside
rule1permittcpsource0destination0destination-porteq1433
rule2permittcpsource0destination0destination-porteqwww
rule1000denyip
aclnumber3002
descriptioninside-to-outside
rule1permitipsource0
rule2permitipsource0
rule1000denyip
#
interfaceAux0
asyncmodeflow
#
interfaceEthernet0/0
shutdown
#
interfaceEthernet0/1
shutdown
#
interfaceEthernet0/2
speed100
duplexfull
descriptiontoserver
ipaddress
firewallpacket-filter3002inbound
firewallaspf1outbound
#