刚入行,请高手指教:4 Q) v) a! i, V# D5 \
3 ?* U6 I* `# O" y& gPIX防火墙E0(outside) 接外网光纤,E1(inside) 接内网一台电脑192.168.81.5
. w2 p# V* D* N配置如下:" ^+ k) C' l% t, n! O4 ]
PIX Version 6.3(1)' c9 p" |; z# L- w2 I) s
inte**ce ethernet0 auto2 U( |$ I% W! J* z C5 T
inte**ce ethernet1 auto
) U3 G! R$ K8 \. h0 _, d* `inte**ce ethernet2 auto shutdown
: W6 o- e, N0 M! _9 A( |nameif ethernet0 outside security0& z4 i) _4 `6 A2 {/ z
nameif ethernet1 inside security100' O1 G! O. s* W4 k* U. l+ S
nameif ethernet2 intf2 security46 a$ D5 |4 K/ _2 \ }" U
enable password 8Ry2YjIyt7RRXU24 encrypted
0 V* h6 r7 d% g! L" Opasswd 2KFQnbNIdI.2KYOU encrypted' B2 G% `' ^! G1 e( h2 \$ D
hostname PIX515. z5 d3 q8 u0 y/ S* M/ F
fixup protocol ftp 218 M5 Z3 T7 O! z m; o
fixup protocol h323 h225 1720 i- x, O: ~1 h4 ~9 x$ S/ R
fixup protocol h323 ras 1718-17190 w! h& l2 ]. f7 r6 Y- r+ O
fixup protocol http 80
+ z3 d$ d+ G8 R* W, q- S: ffixup protocol ils 389
- U5 D2 b8 z) k4 jfixup protocol rsh 5141 R( u; A; G t8 l
fixup protocol rtsp 554* Z5 [$ j6 g5 |" Y
fixup protocol sip 5060
! ]9 [0 A5 T/ Qfixup protocol sip udp 5060; @' u ]. t }6 i! v
fixup protocol skinny 20001 g2 k K- Z3 i) R
fixup protocol smtp 25
9 `& z) H% b1 @7 F: r! @fixup protocol sqlnet 1521
" S9 Y# a' d5 b3 V: qnames
9 U) j/ v/ v' i1 i' M1 j% t6 Mpager lines 24
: Y4 g$ x3 c Sicmp permit any outside
8 g, T, w* u# oicmp permit any inside
& H) `/ {& [2 T7 n; J( a$ ]mtu outside 1500: g* p1 N8 d Z$ l- N
mtu inside 15008 i, O8 g5 k6 _# q
mtu intf2 1500
1 y! \+ ~, {. D2 b, t' uip address outside 110.86.8.234 255.255.255.248
0 u6 H1 C* \- z4 C" @5 wip address inside 192.168.81.5 255.255.255.0, l/ l5 a: d. d4 s. ^3 {
no ip address intf2
1 G' J e9 @& f6 D {ip audit info action alarm
; m5 x* a+ }* y9 B3 K0 bip audit attack action alarm2 }4 J# M9 H+ |( W
no failover
* \0 Q$ _# q; P1 ffailover timeout 0:00:00
# q: e" T8 M6 |- {! j, G! r, Dfailover poll 152 k% C2 ]6 \( U: | _( K! X6 B
no failover ip address outside6 R, L& D3 S1 b- u
no failover ip address inside- e6 ?) s9 a; u1 X6 Y @7 ^! a
no failover ip address intf2
* u, t: l' R9 |. }7 {! opdm history enable. H2 f$ Q C( K, i* T) R
arp timeout 14400- [9 [: Z$ b7 O8 J( D/ f3 Z5 V
global (outside) 1 inte**ce/ s o, o# m2 W$ k, H% n
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
, @! G6 O+ z- h* b1 aroute outside 0.0.0.0 0.0.0.0 110.86.8.233 1
: c' n+ B% K* ^6 A! Stimeout xlate 3:00:00
9 l: t! z- |. Ltimeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
+ ]+ X3 z+ w4 n, T3 c1 h: Utimeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
3 d9 B2 W. k4 j8 o1 D' N# ]timeout uauth 0:05:00 absolute) U* [' F- i/ C! F) X1 w
aaa-server TACACS+ protocol tacacs+
# D2 r( B! U% k+ m% J1 J6 a6 Faaa-server RADIUS protocol radius & R8 G4 t0 j4 Y3 N6 M6 {; }
aaa-server LOCAL protocol local
! Q( Y& ^$ G5 U \) G% ^& ano snmp-server location y( ^* p# T. Q/ g! v
no snmp-server contact
) X8 T6 o+ [+ J+ |2 Rsnmp-server community public
# K. \6 T, [, a& k" uno snmp-server enable traps/ H1 E* A3 G& v; Z
floodguard enable
% m! i0 w: t* N0 x2 C; W. |* `+ Ctelnet timeout 5
: B* `3 L5 m1 N. Z0 ?ssh timeout 5
$ [+ z, \/ l5 I. [6 r- k: I6 fc**ole timeout 0
+ g5 `% F0 n5 K: }& a' i" {: oterminal width 80
( ?/ M7 ^/ m7 V! \) P1 y( F. pCryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: s2 ]7 p; J, o* A2 |: end
9 t! y$ J4 `) Q9 q
' F) C V! I! ^# INAT不通(内网电脑不能上外网),请高手指教 |
|
所有IT类厂商认证考试题库下载
【新盟教育】2023最新华为HCIA全套视频合集【网工基础全覆盖】---国sir公开课合集
【新盟教育】网工小白必看的!2023最新版华为认证HCIA Datacom零基础全套实战课
原创_超融合自动化运维工具cvTools
重量级~~30多套JAVA就业班全套 视频教程(请尽快下载,链接失效后不补)
链接已失效【超过几百G】EVE 国内和国外镜像 全有了 百度群分享
某linux大佬,积累多年的电子书(约300本)
乾颐堂现任明教教主Python完整版
乾颐堂 教主技术进化论 2018-2019年 最新31-50期合集视频(各种最新技术杂谈视频)
Python学习视频 0起点视频 入门到项目实战篇 Python3.5.2视频教程 共847集 能学102天
约21套Python视频合集 核心基础视频教程(共310G,已压缩)
最新20180811录制 IT爱好者-清风羽毛 - 网络安全IPSec VPN实验指南视频教程
最新20180807录制EVE开机自启动虚拟路由器并桥接物理网卡充当思科路由器
