扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
结构图如下:
PIX 520
Two Interface Multiple ServerConfiguration
nameif ethernet0 outside security0
nameif ethernet0 inside security100
interface ethernet0 auto
interface ethernet1 auto
ip address inside 10.1.1.1 255.0.0.0
ip address outside 204.31.17.10 255.255.255.0
logging on
logging host 10.1.1.11
logging trap 7
logging facility 20
no logging console
arptimeout 600
nat(inside) 1 10.0.0.0 255.0.0.0
nat (inside) 2 192.168.3.0 255.255.255.0
global (outside) 1 204.31.1.25-204.31.17.27
global (outside) 1 204.31.1.24
global (outside) 2 192.159.1.1-192.159.1.254
conduit permit icmp any any
outbound 10 deny 192.168.3.3 255.255.255.255 1720
outbound 10 deny 0 0 80
outbound 10 permit 192.168.3.3 255.255.255.255 80
outbound 10 deny 192.168.3.3 255.255.255.255 java
outbound 10 permit 10.1.1.11 255.255.255.255 80
apply (inside) 10 outgoing_src
no ripoutside passive
no rip outside default
rip inside passive
rip inside default
route outside 0 0 204.31.17.1.1
tacacs-server host 10.1.1.12 lq2w3e
aaa authentication any inside 192.168.3.0 255.255.255.0 0 0 tacacs+
aaa authentication any inside 192.168.3.0 255.255.255.0 0 0
static (inside,outside) 204.31.19.0 192.168.3.0 netmask 255.255.255.0
conduit permit tcp 204.31.19.0 255.255.255.0 eg h323 any
static (inside,outside) 204.31.17.29 10.1.1.11
conduit permit tcp host 204.31.17.29 eq 80 any
conduit permit udp host 204.31.17.29 eq rpc host 204.31.17.17
conduit permit udp host 204.31.17.29 eq 2049 host 204.31.17.17
static (inside.outside) 204.31.1.30 10.1.1.3 netmask 255.255.255.255 10 10
conduit permit tcp host 204.31.1.30 eq smtp any
conduit permit tcp host 204.31.1.30 eq 113 any
snmp-server host 192.168.3.2
snmp-server location building 42
snmp-server contact polly hedra
snmp-server community ohwhatakeyisthee
telnet10.1.1.11 255.255.255.255
telnet 192.168.3.0 255.255.255.0
如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。