
1. The network topology is shown in the figure below.

2. The CISCO PIX515e is configured with PDM 3.0 as follows.

3. Intended network function: computers on the public network reach the Internet over fiber, ADSL, Wi-Fi, mobile and so on, then dial in to the VPN server behind the PIX515e using either the virtual private network dial-up connection built into Windows or the Cisco VPN Client, so that they join the LAN where the VPN server sits and can share the resources on that LAN. The VPN server has been tested successfully from inside the LAN.

4. Problem encountered: computers on the public network cannot traverse NAT inward through the PIX515e's public address to dial in to the VPN server. Can a VPN tunnel be set up on the PIX515e to achieve the function in item 3, and how should it be set up?

5. Methods that have already failed

A: Port mapping. This Cisco device translates internal IPs to the public IP with its NAT function; it is not a router and cannot do port mapping.

B: Tried configuring VPN on the PIX515e in PDM 3.0, without success.

C: Reverse NAT failed; PDM 3.0 does not allow it.

The device's current configuration listing

Building configuration...
: Saved
:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password /NNcO2U/e4a3IAX3 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname huawei
domain-name huawei.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list outside_inbound_nat0_acl permit ip interface outside 192.168.0.0 255.255.255.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 221.XXX.138.250 255.255.255.252
ip address inside 192.168.0.254 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 192.168.0.3 255.255.255.255 inside
pdm location 192.168.0.24 255.255.255.255 inside
pdm location 192.168.0.1 255.255.255.255 inside
pdm location 192.168.0.2 255.255.255.255 inside
pdm location 192.168.0.12 255.255.255.255 inside
pdm location 192.168.0.10 255.255.255.255 inside
pdm location 192.168.0.16 255.255.255.255 inside
pdm location 192.168.0.19 255.255.255.255 inside
pdm location 192.168.0.20 255.255.255.255 inside
pdm location 192.168.0.22 255.255.255.255 inside
pdm location 192.168.0.23 255.255.255.255 inside
pdm location 192.168.0.34 255.255.255.255 inside
pdm location 192.168.0.38 255.255.255.255 inside
pdm location 192.168.0.40 255.255.255.255 inside
pdm location 192.168.0.58 255.255.255.255 inside
pdm location 192.168.0.17 255.255.255.255 inside
pdm location 192.168.0.39 255.255.255.255 inside
pdm location 192.168.0.41 255.255.255.255 inside
pdm location 192.168.0.13 255.255.255.255 inside
pdm location 192.168.0.42 255.255.255.255 inside
pdm location 192.168.0.45 255.255.255.255 inside
pdm location 192.168.0.46 255.255.255.255 inside
pdm location 192.168.0.47 255.255.255.255 inside
pdm location 192.168.0.50 255.255.255.255 inside
pdm location 192.168.0.25 255.255.255.255 inside
pdm location 192.168.0.4 255.255.255.255 inside
pdm location 192.168.0.6 255.255.255.255 inside
pdm location 192.168.0.35 255.255.255.255 inside
pdm location 192.168.0.21 255.255.255.255 inside
pdm location 192.168.0.200 255.255.255.255 inside
pdm location 192.168.0.48 255.255.255.255 inside
pdm location 192.168.0.60 255.255.255.255 inside
pdm location 192.168.0.51 255.255.255.255 inside
pdm location 192.168.0.32 255.255.255.255 inside
pdm location 192.168.0.18 255.255.255.255 inside
pdm location 192.168.0.7 255.255.255.255 inside
pdm location 192.168.0.201 255.255.255.255 inside
pdm location 192.168.0.36 255.255.255.255 inside
pdm location 192.168.0.100 255.255.255.255 inside
pdm location 192.168.0.5 255.255.255.255 inside
pdm location 192.168.0.202 255.255.255.255 inside
pdm location 192.168.0.26 255.255.255.255 inside
pdm location 192.168.0.203 255.255.255.255 inside
pdm location 192.168.0.14 255.255.255.255 inside
pdm location 192.168.0.204 255.255.255.255 inside
pdm location 192.168.0.251 255.255.255.255 inside
pdm location 192.168.0.205 255.255.255.255 inside
pdm location 192.168.0.206 255.255.255.255 inside
pdm location 192.168.0.207 255.255.255.255 inside
pdm location 192.168.0.208 255.255.255.255 inside
pdm location 192.168.0.209 255.255.255.255 inside
pdm location 192.168.0.108 255.255.255.255 inside
pdm location 192.168.0.31 255.255.255.255 inside
pdm location 192.168.0.30 255.255.255.255 inside
pdm location 192.168.0.210 255.255.255.255 inside
pdm location 192.168.0.8 255.255.255.255 inside
pdm location 192.168.0.11 255.255.255.255 inside
pdm location 192.168.0.29 255.255.255.255 inside
pdm location 192.168.0.109 255.255.255.255 inside
pdm location 192.168.0.111 255.255.255.255 inside
pdm location 192.168.0.116 255.255.255.255 inside
pdm location 192.168.0.113 255.255.255.255 inside
pdm location 192.168.0.107 255.255.255.255 inside
pdm location 192.168.0.240 255.255.255.255 inside
pdm location 192.168.0.241 255.255.255.255 inside
pdm location 192.168.0.233 255.255.255.255 inside
pdm location 192.168.0.250 255.255.255.255 inside
pdm location 192.168.0.252 255.255.255.255 inside
pdm location 192.168.0.253 255.255.255.255 inside
pdm location 192.168.0.44 255.255.255.255 inside
pdm location 192.168.0.242 255.255.255.255 inside
pdm location 192.168.0.239 255.255.255.255 inside
pdm location 192.168.0.27 255.255.255.255 inside
pdm location 192.168.0.249 255.255.255.255 inside
pdm location 192.168.0.61 255.255.255.255 inside
pdm location 192.168.0.62 255.255.255.255 inside
pdm location 192.168.0.63 255.255.255.255 inside
pdm location 192.168.0.64 255.255.255.255 inside
pdm location 192.168.0.68 255.255.255.255 inside
pdm location 192.168.0.211 255.255.255.255 inside
pdm location 192.168.0.70 255.255.255.255 inside
pdm location 192.168.0.65 255.255.255.255 inside
pdm location 192.168.0.121 255.255.255.255 inside
pdm location 192.168.0.247 255.255.255.255 inside
pdm location 192.168.0.37 255.255.255.255 inside
pdm location 192.168.0.73 255.255.255.255 inside
pdm location 192.168.0.112 255.255.255.255 inside
pdm location 192.168.0.57 255.255.255.255 inside
pdm location 192.168.0.99 255.255.255.255 inside
pdm location 192.168.0.124 255.255.255.255 inside
pdm location 192.168.0.52 255.255.255.255 inside
pdm location 192.168.0.118 255.255.255.255 inside
pdm location 192.168.0.122 255.255.255.255 inside
pdm location 192.168.0.49 255.255.255.255 inside
pdm location 192.168.0.55 255.255.255.255 inside
pdm location 192.168.0.43 255.255.255.255 inside
pdm location 192.168.0.103 255.255.255.255 inside
pdm location 192.168.0.54 255.255.255.255 inside
pdm location 192.168.0.243 255.255.255.255 inside
pdm location 192.168.0.244 255.255.255.255 inside
pdm location 192.168.0.230 255.255.255.255 inside
pdm location 192.168.0.135 255.255.255.255 inside
pdm location 192.168.0.115 255.255.255.255 inside
pdm location 192.168.0.245 255.255.255.255 inside
pdm location 192.168.0.238 255.255.255.255 inside
pdm location 192.168.0.237 255.255.255.255 inside
pdm location 192.168.0.231 255.255.255.255 inside
pdm location 192.168.0.235 255.255.255.255 inside
pdm location 192.168.0.236 255.255.255.255 inside
pdm location 192.168.0.190 255.255.255.255 inside
pdm location 192.168.0.181 255.255.255.255 inside
pdm location 192.168.0.9 255.255.255.255 inside
pdm location 192.168.0.246 255.255.255.255 inside
pdm location 192.168.0.59 255.255.255.255 inside
pdm location 192.168.0.191 255.255.255.255 inside
pdm location 192.168.0.117 255.255.255.255 inside
pdm location 192.168.0.171 255.255.255.255 inside
pdm location 192.168.0.53 255.255.255.255 inside
pdm location 192.168.0.130 255.255.255.255 inside
pdm location 192.168.0.91 255.255.255.255 inside
pdm location 192.168.0.140 255.255.255.255 inside
pdm location 192.168.0.220 255.255.255.255 inside
pdm location 192.168.0.119 255.255.255.255 inside
pdm location 192.168.0.223 255.255.255.255 inside
pdm location 192.168.0.106 255.255.255.255 inside
pdm location 192.168.0.123 255.255.255.255 inside
pdm location 192.168.0.67 255.255.255.255 inside
pdm location 192.168.0.219 255.255.255.255 inside
pdm location 192.168.0.56 255.255.255.255 inside
pdm location 192.168.0.66 255.255.255.255 inside
pdm location 192.168.0.76 255.255.255.255 inside
pdm location 192.168.0.102 255.255.255.255 inside
pdm location 192.168.0.170 255.255.255.255 inside
pdm location 192.168.0.172 255.255.255.255 inside
pdm location 192.168.0.173 255.255.255.255 inside
pdm location 192.168.0.174 255.255.255.255 inside
pdm location 192.168.0.175 255.255.255.255 inside
pdm location 192.168.0.160 255.255.255.255 inside
pdm location 192.168.0.138 255.255.255.255 inside
pdm location 192.168.0.78 255.255.255.255 inside
pdm location 192.168.0.69 255.255.255.255 inside
pdm location 192.168.0.221 255.255.255.255 inside
pdm location 192.168.0.110 255.255.255.255 inside
pdm location 192.168.0.232 255.255.255.255 inside
pdm location 192.168.0.80 255.255.255.255 inside
pdm location 192.168.0.81 255.255.255.255 inside
pdm location 192.168.0.82 255.255.255.255 inside
pdm location 192.168.0.83 255.255.255.255 inside
pdm location 192.168.0.84 255.255.255.255 inside
pdm location 192.168.0.85 255.255.255.255 inside
pdm location 192.168.0.86 255.255.255.255 inside
pdm location 192.168.0.87 255.255.255.255 inside
pdm location 192.168.0.88 255.255.255.255 inside
pdm location 192.168.0.89 255.255.255.255 inside
pdm location 192.168.0.90 255.255.255.255 inside
pdm location 192.168.0.28 255.255.255.255 inside
pdm location 192.168.0.234 255.255.255.255 inside
pdm location 192.168.0.222 255.255.255.255 inside
pdm location 192.168.0.150 255.255.255.255 inside
pdm location 192.168.0.151 255.255.255.255 inside
pdm location 192.168.0.152 255.255.255.255 inside
pdm location 192.168.0.77 255.255.255.255 inside
pdm location 192.168.0.72 255.255.255.255 inside
pdm location 192.168.0.225 255.255.255.255 inside
pdm location 192.168.0.161 255.255.255.255 inside
pdm location 192.168.0.92 255.255.255.255 inside
pdm location 192.168.0.192 255.255.255.255 inside
pdm location 192.168.0.193 255.255.255.255 inside
pdm location 192.168.0.15 255.255.255.255 inside
pdm location 192.168.0.33 255.255.255.255 inside
pdm location 192.168.0.79 255.255.255.255 inside
pdm location 192.168.0.93 255.255.255.255 inside
pdm location 192.168.0.94 255.255.255.255 inside
pdm location 192.168.0.95 255.255.255.255 inside
pdm location 192.168.0.96 255.255.255.255 inside
pdm location 192.168.0.97 255.255.255.255 inside
pdm location 192.168.0.98 255.255.255.255 inside
pdm location 192.168.0.101 255.255.255.255 inside
pdm location 192.168.0.104 255.255.255.255 inside
pdm location 221.XXX.138.250 255.255.255.255 inside
pdm location 192.168.0.71 255.255.255.255 inside
pdm location 192.168.0.185 255.255.255.255 inside
pdm location 192.168.0.75 255.255.255.255 inside
pdm location 192.168.0.120 255.255.255.255 inside
pdm location 192.168.0.212 255.255.255.255 inside
pdm location 192.168.0.213 255.255.255.255 inside
pdm location 192.168.0.214 255.255.255.255 inside
pdm location 192.168.0.215 255.255.255.255 inside
pdm location 192.168.0.128 255.255.255.192 outside
pdm history enable
arp timeout 14400
global (outside) 10 interface
nat (outside) 0 access-list outside_inbound_nat0_acl outside
nat (inside) 10 192.168.0.1 255.255.255.255 0 0
nat (inside) 10 192.168.0.3 255.255.255.255 0 0
nat (inside) 10 192.168.0.4 255.255.255.255 0 0
nat (inside) 10 192.168.0.5 255.255.255.255 0 0
nat (inside) 10 192.168.0.10 255.255.255.255 0 0
nat (inside) 10 192.168.0.11 255.255.255.255 0 0
nat (inside) 10 192.168.0.12 255.255.255.255 0 0
nat (inside) 10 192.168.0.13 255.255.255.255 0 0
nat (inside) 10 192.168.0.14 255.255.255.255 0 0
nat (inside) 10 192.168.0.15 255.255.255.255 0 0
nat (inside) 10 192.168.0.16 255.255.255.255 0 0
nat (inside) 10 192.168.0.17 255.255.255.255 0 0
nat (inside) 10 192.168.0.21 255.255.255.255 0 0
nat (inside) 10 192.168.0.22 255.255.255.255 0 0
nat (inside) 10 192.168.0.23 255.255.255.255 0 0
nat (inside) 10 192.168.0.24 255.255.255.255 0 0
nat (inside) 10 192.168.0.25 255.255.255.255 0 0
nat (inside) 10 192.168.0.26 255.255.255.255 0 0
nat (inside) 10 192.168.0.27 255.255.255.255 0 0
nat (inside) 10 192.168.0.29 255.255.255.255 0 0
nat (inside) 10 192.168.0.31 255.255.255.255 0 0
nat (inside) 10 192.168.0.32 255.255.255.255 0 0
nat (inside) 10 192.168.0.33 255.255.255.255 0 0
nat (inside) 10 192.168.0.34 255.255.255.255 0 0
nat (inside) 10 192.168.0.37 255.255.255.255 0 0
nat (inside) 10 192.168.0.39 255.255.255.255 0 0
nat (inside) 10 192.168.0.40 255.255.255.255 0 0
nat (inside) 10 192.168.0.44 255.255.255.255 0 0
nat (inside) 10 192.168.0.45 255.255.255.255 0 0
nat (inside) 10 192.168.0.47 255.255.255.255 0 0
nat (inside) 10 192.168.0.48 255.255.255.255 0 0
nat (inside) 10 192.168.0.49 255.255.255.255 0 0
nat (inside) 10 192.168.0.50 255.255.255.255 0 0
nat (inside) 10 192.168.0.51 255.255.255.255 0 0
nat (inside) 10 192.168.0.52 255.255.255.255 0 0
nat (inside) 10 192.168.0.53 255.255.255.255 0 0
nat (inside) 10 192.168.0.54 255.255.255.255 0 0
nat (inside) 10 192.168.0.55 255.255.255.255 0 0
nat (inside) 10 192.168.0.56 255.255.255.255 0 0
nat (inside) 10 192.168.0.57 255.255.255.255 0 0
nat (inside) 10 192.168.0.58 255.255.255.255 0 0
nat (inside) 10 192.168.0.59 255.255.255.255 0 0
nat (inside) 10 192.168.0.62 255.255.255.255 0 0
nat (inside) 10 192.168.0.63 255.255.255.255 0 0
nat (inside) 10 192.168.0.64 255.255.255.255 0 0
nat (inside) 10 192.168.0.65 255.255.255.255 0 0
nat (inside) 10 192.168.0.66 255.255.255.255 0 0
nat (inside) 10 192.168.0.67 255.255.255.255 0 0
nat (inside) 10 192.168.0.68 255.255.255.255 0 0
nat (inside) 10 192.168.0.69 255.255.255.255 0 0
nat (inside) 10 192.168.0.71 255.255.255.255 0 0
nat (inside) 10 192.168.0.73 255.255.255.255 0 0
nat (inside) 10 192.168.0.76 255.255.255.255 0 0
nat (inside) 10 192.168.0.79 255.255.255.255 0 0
nat (inside) 10 192.168.0.80 255.255.255.255 0 0
nat (inside) 10 192.168.0.81 255.255.255.255 0 0
nat (inside) 10 192.168.0.82 255.255.255.255 0 0
nat (inside) 10 192.168.0.83 255.255.255.255 0 0
nat (inside) 10 192.168.0.85 255.255.255.255 0 0
nat (inside) 10 192.168.0.86 255.255.255.255 0 0
nat (inside) 10 192.168.0.87 255.255.255.255 0 0
nat (inside) 10 192.168.0.89 255.255.255.255 0 0
nat (inside) 10 192.168.0.90 255.255.255.255 0 0
nat (inside) 10 192.168.0.92 255.255.255.255 0 0
nat (inside) 10 192.168.0.93 255.255.255.255 0 0
nat (inside) 10 192.168.0.94 255.255.255.255 0 0
nat (inside) 10 192.168.0.95 255.255.255.255 0 0
nat (inside) 10 192.168.0.96 255.255.255.255 0 0
nat (inside) 10 192.168.0.97 255.255.255.255 0 0
nat (inside) 10 192.168.0.99 255.255.255.255 0 0
nat (inside) 10 192.168.0.101 255.255.255.255 0 0
nat (inside) 10 192.168.0.102 255.255.255.255 0 0
nat (inside) 10 192.168.0.103 255.255.255.255 0 0
nat (inside) 10 192.168.0.104 255.255.255.255 0 0
nat (inside) 10 192.168.0.106 255.255.255.255 0 0
nat (inside) 10 192.168.0.107 255.255.255.255 0 0
nat (inside) 10 192.168.0.108 255.255.255.255 0 0
nat (inside) 10 192.168.0.118 255.255.255.255 0 0
nat (inside) 10 192.168.0.119 255.255.255.255 0 0
nat (inside) 10 192.168.0.120 255.255.255.255 0 0
nat (inside) 10 192.168.0.121 255.255.255.255 0 0
nat (inside) 10 192.168.0.200 255.255.255.255 0 0
nat (inside) 10 192.168.0.201 255.255.255.255 0 0
nat (inside) 10 192.168.0.202 255.255.255.255 0 0
nat (inside) 10 192.168.0.203 255.255.255.255 0 0
nat (inside) 10 192.168.0.204 255.255.255.255 0 0
nat (inside) 10 192.168.0.205 255.255.255.255 0 0
nat (inside) 10 192.168.0.206 255.255.255.255 0 0
nat (inside) 10 192.168.0.207 255.255.255.255 0 0
nat (inside) 10 192.168.0.208 255.255.255.255 0 0
nat (inside) 10 192.168.0.209 255.255.255.255 0 0
nat (inside) 10 192.168.0.210 255.255.255.255 0 0
nat (inside) 10 192.168.0.211 255.255.255.255 0 0
nat (inside) 10 192.168.0.212 255.255.255.255 0 0
nat (inside) 10 192.168.0.213 255.255.255.255 0 0
nat (inside) 10 192.168.0.214 255.255.255.255 0 0
nat (inside) 10 192.168.0.215 255.255.255.255 0 0
nat (inside) 0 192.168.0.0 255.255.255.0 0 0
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
route outside 0.0.0.0 0.0.0.0 221.XXX.138.249 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-l2tp
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
isakmp enable outside
isakmp enable inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
vpdn username wanhine password *********
vpdn enable outside
vpdn enable inside
dhcpd address 192.168.0.20-192.168.0.200 inside
dhcpd dns 202.103.24.68 202.103.0.117
dhcpd lease 3600
dhcpd ping_timeout 750
terminal width 80
Cryptochecksum:f40dc8963b7f456d60eac467e8c0ea87
: end
[OK]

Experts, please advise.
If this cannot be done in PDM, please post a complete configuration listing. Thank you very much!