1. The network topology is shown in the figure below.
[Image: http://www.eask.tk/nat/001.jpg]

2. The Cisco PIX 515E is configured with PDM 3.0 as follows:
[Image: http://www.eask.tk/nat/002.jpg]
[Image: http://www.eask.tk/nat/003.jpg]
[Image: http://www.eask.tk/nat/004.jpg]
[Image: http://www.eask.tk/nat/005.jpg]
[Image: http://www.eask.tk/nat/006.jpg]
[Image: http://www.eask.tk/nat/007.jpg]

3. Intended network function: computers on the public network connect to the Internet via fiber, ADSL, Wi-Fi, mobile and so on, then dial in to the VPN server behind the PIX 515E using either the Windows built-in VPN dial-up connection or the Cisco VPN Client, so that they join the LAN where the VPN server sits and can share the resources on that LAN. The VPN server has been tested successfully on the internal network.

4. The problem: computers on the public network cannot traverse NAT inbound through the PIX 515E's public address to dial in to the VPN server. Can a VPN tunnel be set up on the PIX 515E to provide the function described in item 3, and how should it be set up?

5. Methods already tried without success

A: Port mapping. This Cisco device uses its NAT function to translate internal IPs to a public IP; it is not a router and cannot do port mapping.

B: Tried configuring VPN on the PIX 515E in PDM 3.0, without success.

C: Reverse NAT failed; PDM 3.0 does not allow it.

Current configuration of the device:
Building configuration...
: Saved
:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password /NNcO2U/e4a3IAX3 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname huawei
domain-name huawei.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list outside_inbound_nat0_acl permit ip interface outside 192.168.0.0 255.255.255.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 221.XXX.138.250 255.255.255.252
ip address inside 192.168.0.254 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.0.3 255.255.255.255 inside
pdm location 192.168.0.24 255.255.255.255 inside
pdm location 192.168.0.1 255.255.255.255 inside
pdm location 192.168.0.2 255.255.255.255 inside
pdm location 192.168.0.12 255.255.255.255 inside
pdm location 192.168.0.10 255.255.255.255 inside
pdm location 192.168.0.16 255.255.255.255 inside
pdm location 192.168.0.19 255.255.255.255 inside
pdm location 192.168.0.20 255.255.255.255 inside
pdm location 192.168.0.22 255.255.255.255 inside
pdm location 192.168.0.23 255.255.255.255 inside
pdm location 192.168.0.34 255.255.255.255 inside
pdm location 192.168.0.38 255.255.255.255 inside
pdm location 192.168.0.40 255.255.255.255 inside
pdm location 192.168.0.58 255.255.255.255 inside
pdm location 192.168.0.17 255.255.255.255 inside
pdm location 192.168.0.39 255.255.255.255 inside
pdm location 192.168.0.41 255.255.255.255 inside
pdm location 192.168.0.13 255.255.255.255 inside
pdm location 192.168.0.42 255.255.255.255 inside
pdm location 192.168.0.45 255.255.255.255 inside
pdm location 192.168.0.46 255.255.255.255 inside
pdm location 192.168.0.47 255.255.255.255 inside
pdm location 192.168.0.50 255.255.255.255 inside
pdm location 192.168.0.25 255.255.255.255 inside
pdm location 192.168.0.4 255.255.255.255 inside
pdm location 192.168.0.6 255.255.255.255 inside
pdm location 192.168.0.35 255.255.255.255 inside
pdm location 192.168.0.21 255.255.255.255 inside
pdm location 192.168.0.200 255.255.255.255 inside
pdm location 192.168.0.48 255.255.255.255 inside
pdm location 192.168.0.60 255.255.255.255 inside
pdm location 192.168.0.51 255.255.255.255 inside
pdm location 192.168.0.32 255.255.255.255 inside
pdm location 192.168.0.18 255.255.255.255 inside
pdm location 192.168.0.7 255.255.255.255 inside
pdm location 192.168.0.201 255.255.255.255 inside
pdm location 192.168.0.36 255.255.255.255 inside
pdm location 192.168.0.100 255.255.255.255 inside
pdm location 192.168.0.5 255.255.255.255 inside
pdm location 192.168.0.202 255.255.255.255 inside
pdm location 192.168.0.26 255.255.255.255 inside
pdm location 192.168.0.203 255.255.255.255 inside
pdm location 192.168.0.14 255.255.255.255 inside
pdm location 192.168.0.204 255.255.255.255 inside
pdm location 192.168.0.251 255.255.255.255 inside
pdm location 192.168.0.205 255.255.255.255 inside
pdm location 192.168.0.206 255.255.255.255 inside
pdm location 192.168.0.207 255.255.255.255 inside
pdm location 192.168.0.208 255.255.255.255 inside
pdm location 192.168.0.209 255.255.255.255 inside
pdm location 192.168.0.108 255.255.255.255 inside
pdm location 192.168.0.31 255.255.255.255 inside
pdm location 192.168.0.30 255.255.255.255 inside
pdm location 192.168.0.210 255.255.255.255 inside
pdm location 192.168.0.8 255.255.255.255 inside
pdm location 192.168.0.11 255.255.255.255 inside
pdm location 192.168.0.29 255.255.255.255 inside
pdm location 192.168.0.109 255.255.255.255 inside
pdm location 192.168.0.111 255.255.255.255 inside
pdm location 192.168.0.116 255.255.255.255 inside
pdm location 192.168.0.113 255.255.255.255 inside
pdm location 192.168.0.107 255.255.255.255 inside
pdm location 192.168.0.240 255.255.255.255 inside
pdm location 192.168.0.241 255.255.255.255 inside
pdm location 192.168.0.233 255.255.255.255 inside
pdm location 192.168.0.250 255.255.255.255 inside
pdm location 192.168.0.252 255.255.255.255 inside
pdm location 192.168.0.253 255.255.255.255 inside
pdm location 192.168.0.44 255.255.255.255 inside
pdm location 192.168.0.242 255.255.255.255 inside
pdm location 192.168.0.239 255.255.255.255 inside
pdm location 192.168.0.27 255.255.255.255 inside
pdm location 192.168.0.249 255.255.255.255 inside
pdm location 192.168.0.61 255.255.255.255 inside
pdm location 192.168.0.62 255.255.255.255 inside
pdm location 192.168.0.63 255.255.255.255 inside
pdm location 192.168.0.64 255.255.255.255 inside
pdm location 192.168.0.68 255.255.255.255 inside
pdm location 192.168.0.211 255.255.255.255 inside
pdm location 192.168.0.70 255.255.255.255 inside
pdm location 192.168.0.65 255.255.255.255 inside
pdm location 192.168.0.121 255.255.255.255 inside
pdm location 192.168.0.247 255.255.255.255 inside
pdm location 192.168.0.37 255.255.255.255 inside
pdm location 192.168.0.73 255.255.255.255 inside
pdm location 192.168.0.112 255.255.255.255 inside
pdm location 192.168.0.57 255.255.255.255 inside
pdm location 192.168.0.99 255.255.255.255 inside
pdm location 192.168.0.124 255.255.255.255 inside
pdm location 192.168.0.52 255.255.255.255 inside
pdm location 192.168.0.118 255.255.255.255 inside
pdm location 192.168.0.122 255.255.255.255 inside
pdm location 192.168.0.49 255.255.255.255 inside
pdm location 192.168.0.55 255.255.255.255 inside
pdm location 192.168.0.43 255.255.255.255 inside
pdm location 192.168.0.103 255.255.255.255 inside
pdm location 192.168.0.54 255.255.255.255 inside
pdm location 192.168.0.243 255.255.255.255 inside
pdm location 192.168.0.244 255.255.255.255 inside
pdm location 192.168.0.230 255.255.255.255 inside
pdm location 192.168.0.135 255.255.255.255 inside
pdm location 192.168.0.115 255.255.255.255 inside
pdm location 192.168.0.245 255.255.255.255 inside
pdm location 192.168.0.238 255.255.255.255 inside
pdm location 192.168.0.237 255.255.255.255 inside
pdm location 192.168.0.231 255.255.255.255 inside
pdm location 192.168.0.235 255.255.255.255 inside
pdm location 192.168.0.236 255.255.255.255 inside
pdm location 192.168.0.190 255.255.255.255 inside
pdm location 192.168.0.181 255.255.255.255 inside
pdm location 192.168.0.9 255.255.255.255 inside
pdm location 192.168.0.246 255.255.255.255 inside
pdm location 192.168.0.59 255.255.255.255 inside
pdm location 192.168.0.191 255.255.255.255 inside
pdm location 192.168.0.117 255.255.255.255 inside
pdm location 192.168.0.171 255.255.255.255 inside
pdm location 192.168.0.53 255.255.255.255 inside
pdm location 192.168.0.130 255.255.255.255 inside
pdm location 192.168.0.91 255.255.255.255 inside
pdm location 192.168.0.140 255.255.255.255 inside
pdm location 192.168.0.220 255.255.255.255 inside
pdm location 192.168.0.119 255.255.255.255 inside
pdm location 192.168.0.223 255.255.255.255 inside
pdm location 192.168.0.106 255.255.255.255 inside
pdm location 192.168.0.123 255.255.255.255 inside
pdm location 192.168.0.67 255.255.255.255 inside
pdm location 192.168.0.219 255.255.255.255 inside
pdm location 192.168.0.56 255.255.255.255 inside
pdm location 192.168.0.66 255.255.255.255 inside
pdm location 192.168.0.76 255.255.255.255 inside
pdm location 192.168.0.102 255.255.255.255 inside
pdm location 192.168.0.170 255.255.255.255 inside
pdm location 192.168.0.172 255.255.255.255 inside
pdm location 192.168.0.173 255.255.255.255 inside
pdm location 192.168.0.174 255.255.255.255 inside
pdm location 192.168.0.175 255.255.255.255 inside
pdm location 192.168.0.160 255.255.255.255 inside
pdm location 192.168.0.138 255.255.255.255 inside
pdm location 192.168.0.78 255.255.255.255 inside
pdm location 192.168.0.69 255.255.255.255 inside
pdm location 192.168.0.221 255.255.255.255 inside
pdm location 192.168.0.110 255.255.255.255 inside
pdm location 192.168.0.232 255.255.255.255 inside
pdm location 192.168.0.80 255.255.255.255 inside
pdm location 192.168.0.81 255.255.255.255 inside
pdm location 192.168.0.82 255.255.255.255 inside
pdm location 192.168.0.83 255.255.255.255 inside
pdm location 192.168.0.84 255.255.255.255 inside
pdm location 192.168.0.85 255.255.255.255 inside
pdm location 192.168.0.86 255.255.255.255 inside
pdm location 192.168.0.87 255.255.255.255 inside
pdm location 192.168.0.88 255.255.255.255 inside
pdm location 192.168.0.89 255.255.255.255 inside
pdm location 192.168.0.90 255.255.255.255 inside
pdm location 192.168.0.28 255.255.255.255 inside
pdm location 192.168.0.234 255.255.255.255 inside
pdm location 192.168.0.222 255.255.255.255 inside
pdm location 192.168.0.150 255.255.255.255 inside
pdm location 192.168.0.151 255.255.255.255 inside
pdm location 192.168.0.152 255.255.255.255 inside
pdm location 192.168.0.77 255.255.255.255 inside
pdm location 192.168.0.72 255.255.255.255 inside
pdm location 192.168.0.225 255.255.255.255 inside
pdm location 192.168.0.161 255.255.255.255 inside
pdm location 192.168.0.92 255.255.255.255 inside
pdm location 192.168.0.192 255.255.255.255 inside
pdm location 192.168.0.193 255.255.255.255 inside
pdm location 192.168.0.15 255.255.255.255 inside
pdm location 192.168.0.33 255.255.255.255 inside
pdm location 192.168.0.79 255.255.255.255 inside
pdm location 192.168.0.93 255.255.255.255 inside
pdm location 192.168.0.94 255.255.255.255 inside
pdm location 192.168.0.95 255.255.255.255 inside
pdm location 192.168.0.96 255.255.255.255 inside
pdm location 192.168.0.97 255.255.255.255 inside
pdm location 192.168.0.98 255.255.255.255 inside
pdm location 192.168.0.101 255.255.255.255 inside
pdm location 192.168.0.104 255.255.255.255 inside
pdm location 221.XXX.138.250 255.255.255.255 inside
pdm location 192.168.0.71 255.255.255.255 inside
pdm location 192.168.0.185 255.255.255.255 inside
pdm location 192.168.0.75 255.255.255.255 inside
pdm location 192.168.0.120 255.255.255.255 inside
pdm location 192.168.0.212 255.255.255.255 inside
pdm location 192.168.0.213 255.255.255.255 inside
pdm location 192.168.0.214 255.255.255.255 inside
pdm location 192.168.0.215 255.255.255.255 inside
pdm location 192.168.0.128 255.255.255.192 outside
pdm history enable
arp timeout 14400
global (outside) 10 interface
nat (outside) 0 access-list outside_inbound_nat0_acl outside
nat (inside) 10 192.168.0.1 255.255.255.255 0 0
nat (inside) 10 192.168.0.3 255.255.255.255 0 0
nat (inside) 10 192.168.0.4 255.255.255.255 0 0
nat (inside) 10 192.168.0.5 255.255.255.255 0 0
nat (inside) 10 192.168.0.10 255.255.255.255 0 0
nat (inside) 10 192.168.0.11 255.255.255.255 0 0
nat (inside) 10 192.168.0.12 255.255.255.255 0 0
nat (inside) 10 192.168.0.13 255.255.255.255 0 0
nat (inside) 10 192.168.0.14 255.255.255.255 0 0
nat (inside) 10 192.168.0.15 255.255.255.255 0 0
nat (inside) 10 192.168.0.16 255.255.255.255 0 0
nat (inside) 10 192.168.0.17 255.255.255.255 0 0
nat (inside) 10 192.168.0.21 255.255.255.255 0 0
nat (inside) 10 192.168.0.22 255.255.255.255 0 0
nat (inside) 10 192.168.0.23 255.255.255.255 0 0
nat (inside) 10 192.168.0.24 255.255.255.255 0 0
nat (inside) 10 192.168.0.25 255.255.255.255 0 0
nat (inside) 10 192.168.0.26 255.255.255.255 0 0
nat (inside) 10 192.168.0.27 255.255.255.255 0 0
nat (inside) 10 192.168.0.29 255.255.255.255 0 0
nat (inside) 10 192.168.0.31 255.255.255.255 0 0
nat (inside) 10 192.168.0.32 255.255.255.255 0 0
nat (inside) 10 192.168.0.33 255.255.255.255 0 0
nat (inside) 10 192.168.0.34 255.255.255.255 0 0
nat (inside) 10 192.168.0.37 255.255.255.255 0 0
nat (inside) 10 192.168.0.39 255.255.255.255 0 0
nat (inside) 10 192.168.0.40 255.255.255.255 0 0
nat (inside) 10 192.168.0.44 255.255.255.255 0 0
nat (inside) 10 192.168.0.45 255.255.255.255 0 0
nat (inside) 10 192.168.0.47 255.255.255.255 0 0
nat (inside) 10 192.168.0.48 255.255.255.255 0 0
nat (inside) 10 192.168.0.49 255.255.255.255 0 0
nat (inside) 10 192.168.0.50 255.255.255.255 0 0
nat (inside) 10 192.168.0.51 255.255.255.255 0 0
nat (inside) 10 192.168.0.52 255.255.255.255 0 0
nat (inside) 10 192.168.0.53 255.255.255.255 0 0
nat (inside) 10 192.168.0.54 255.255.255.255 0 0
nat (inside) 10 192.168.0.55 255.255.255.255 0 0
nat (inside) 10 192.168.0.56 255.255.255.255 0 0
nat (inside) 10 192.168.0.57 255.255.255.255 0 0
nat (inside) 10 192.168.0.58 255.255.255.255 0 0
nat (inside) 10 192.168.0.59 255.255.255.255 0 0
nat (inside) 10 192.168.0.62 255.255.255.255 0 0
nat (inside) 10 192.168.0.63 255.255.255.255 0 0
nat (inside) 10 192.168.0.64 255.255.255.255 0 0
nat (inside) 10 192.168.0.65 255.255.255.255 0 0
nat (inside) 10 192.168.0.66 255.255.255.255 0 0
nat (inside) 10 192.168.0.67 255.255.255.255 0 0
nat (inside) 10 192.168.0.68 255.255.255.255 0 0
nat (inside) 10 192.168.0.69 255.255.255.255 0 0
nat (inside) 10 192.168.0.71 255.255.255.255 0 0
nat (inside) 10 192.168.0.73 255.255.255.255 0 0
nat (inside) 10 192.168.0.76 255.255.255.255 0 0
nat (inside) 10 192.168.0.79 255.255.255.255 0 0
nat (inside) 10 192.168.0.80 255.255.255.255 0 0
nat (inside) 10 192.168.0.81 255.255.255.255 0 0
nat (inside) 10 192.168.0.82 255.255.255.255 0 0
nat (inside) 10 192.168.0.83 255.255.255.255 0 0
nat (inside) 10 192.168.0.85 255.255.255.255 0 0
nat (inside) 10 192.168.0.86 255.255.255.255 0 0
nat (inside) 10 192.168.0.87 255.255.255.255 0 0
nat (inside) 10 192.168.0.89 255.255.255.255 0 0
nat (inside) 10 192.168.0.90 255.255.255.255 0 0
nat (inside) 10 192.168.0.92 255.255.255.255 0 0
nat (inside) 10 192.168.0.93 255.255.255.255 0 0
nat (inside) 10 192.168.0.94 255.255.255.255 0 0
nat (inside) 10 192.168.0.95 255.255.255.255 0 0
nat (inside) 10 192.168.0.96 255.255.255.255 0 0
nat (inside) 10 192.168.0.97 255.255.255.255 0 0
nat (inside) 10 192.168.0.99 255.255.255.255 0 0
nat (inside) 10 192.168.0.101 255.255.255.255 0 0
nat (inside) 10 192.168.0.102 255.255.255.255 0 0
nat (inside) 10 192.168.0.103 255.255.255.255 0 0
nat (inside) 10 192.168.0.104 255.255.255.255 0 0
nat (inside) 10 192.168.0.106 255.255.255.255 0 0
nat (inside) 10 192.168.0.107 255.255.255.255 0 0
nat (inside) 10 192.168.0.108 255.255.255.255 0 0
nat (inside) 10 192.168.0.118 255.255.255.255 0 0
nat (inside) 10 192.168.0.119 255.255.255.255 0 0
nat (inside) 10 192.168.0.120 255.255.255.255 0 0
nat (inside) 10 192.168.0.121 255.255.255.255 0 0
nat (inside) 10 192.168.0.200 255.255.255.255 0 0
nat (inside) 10 192.168.0.201 255.255.255.255 0 0
nat (inside) 10 192.168.0.202 255.255.255.255 0 0
nat (inside) 10 192.168.0.203 255.255.255.255 0 0
nat (inside) 10 192.168.0.204 255.255.255.255 0 0
nat (inside) 10 192.168.0.205 255.255.255.255 0 0
nat (inside) 10 192.168.0.206 255.255.255.255 0 0
nat (inside) 10 192.168.0.207 255.255.255.255 0 0
nat (inside) 10 192.168.0.208 255.255.255.255 0 0
nat (inside) 10 192.168.0.209 255.255.255.255 0 0
nat (inside) 10 192.168.0.210 255.255.255.255 0 0
nat (inside) 10 192.168.0.211 255.255.255.255 0 0
nat (inside) 10 192.168.0.212 255.255.255.255 0 0
nat (inside) 10 192.168.0.213 255.255.255.255 0 0
nat (inside) 10 192.168.0.214 255.255.255.255 0 0
nat (inside) 10 192.168.0.215 255.255.255.255 0 0
nat (inside) 0 192.168.0.0 255.255.255.0 0 0
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
route outside 0.0.0.0 0.0.0.0 221.XXX.138.249 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-l2tp
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
isakmp enable outside
isakmp enable inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
vpdn username wanhine password *********
vpdn enable outside
vpdn enable inside
dhcpd address 192.168.0.20-192.168.0.200 inside
dhcpd dns 202.103.24.68 202.103.0.117
dhcpd lease 3600
dhcpd ping_timeout 750
terminal width 80
Cryptochecksum:f40dc8963b7f456d60eac467e8c0ea87
: end
[OK]

Experts, please advise.
If this cannot be done with PDM, please post a complete configuration. Thank you very much!