防火墙linux防火墙设置
linux防火墙设置 时间:2021-04-14 阅读:()
知赵彪2007-11-28发表SecPath防火墙和Eudemon防火墙实现IPSEC互通的典型配置SecPath防火墙和Eudemon防火墙实现IPSEC互通的典型配置一、组网需求:SecPath防火墙和Eudemon防火墙做IPSECVPN互通.
二、组网图三、配置信息1.
SecPathF1000-A的主要配置#sysnameSecPathF1000-A#ikelocal-namefenzhi#firewallpacket-filterenablefirewallpacket-filterdefaultpermit#ikepeer1exchange-modeaggressivepre-shared-key123id-typenameremote-namezhongxinremote-address202.
38.
1.
1nattraversal#ipsecproposal1#ipsecpolicypol11isakmpsecurityacl3000ike-peer1proposal1#aclnumber3000rule0permitipsource192.
168.
2.
00.
0.
0.
255destination192.
168.
1.
00.
0.
0.
255#interfaceGigabitEthernet0/0ipaddress202.
38.
1.
2255.
255.
255.
0ipsecpolicypol1#interfaceGigabitEthernet0/1ipaddress192.
168.
2.
1255.
255.
255.
0#firewallzonetrustaddinterfaceGigabitEthernet0/1setpriority85#firewallzoneuntrustaddinterfaceGigabitEthernet0/0setpriority5#iproute-static0.
0.
0.
00.
0.
0.
0202.
38.
1.
1preference60#2.
Eudemon200的主要配置#sysnameEudemon200#ikelocal-namezhongxin#firewallpacket-filterdefaultpermitinterzonelocaltrustdirectioninboundfirewallpacket-filterdefaultpermitinterzonelocaltrustdirectionoutboundfirewallpacket-filterdefaultpermitinterzonelocaluntrustdirectioninboundfirewallpacket-filterdefaultpermitinterzonelocaluntrustdirectionoutboundfirewallpacket-filterdefaultpermitinterzonelocalDMZdirectioninboundfirewallpacket-filterdefaultpermitinterzonelocalDMZdirectionoutboundfirewallpacket-filterdefaultpermitinterzonetrustuntrustdirectioninboundfirewallpacket-filterdefaultpermitinterzonetrustuntrustdirectionoutboundfirewallpacket-filterdefaultpermitinterzonetrustDMZdirectioninboundfirewallpacket-filterdefaultpermitinterzonetrustDMZdirectionoutboundfirewallpacket-filterdefaultpermitinterzoneDMZuntrustdirectioninboundfirewallpacket-filterdefaultpermitinterzoneDMZuntrustdirectionoutbound#natalgenableftpnatalgenablednsnatalgenableicmpnatalgenablenetbiosundonatalgenableh323undonatalgenablehwccundonatalgenableilsundonatalgenablepptpundonatalgenableqqundonatalgenablemsnundonatalgenableuser-define#firewallstatisticsystemenable#ikepeer1exchange-modeaggressivepre-shared-key123local-id-typenameremote-namefenzhinattraversal#ipsecproposal1#ipsecpolicy-templatetemp1ike-peer1proposal1#ipsecpolicypol11isakmptemplatetemp#interfaceEthernet0/0/0ipaddress202.
38.
1.
1255.
255.
255.
0ipsecpolicypol1#interfaceEthernet0/0/1ipaddress192.
168.
1.
1255.
255.
255.
0#firewallzonetrustaddinterfaceEthernet0/0/1setpriority85#firewallzoneuntrustaddinterfaceEthernet0/0/0setpriority5#iproute-static0.
0.
0.
00.
0.
0.
0202.
38.
1.
2#四、配置关键点略.
二、组网图三、配置信息1.
SecPathF1000-A的主要配置#sysnameSecPathF1000-A#ikelocal-namefenzhi#firewallpacket-filterenablefirewallpacket-filterdefaultpermit#ikepeer1exchange-modeaggressivepre-shared-key123id-typenameremote-namezhongxinremote-address202.
38.
1.
1nattraversal#ipsecproposal1#ipsecpolicypol11isakmpsecurityacl3000ike-peer1proposal1#aclnumber3000rule0permitipsource192.
168.
2.
00.
0.
0.
255destination192.
168.
1.
00.
0.
0.
255#interfaceGigabitEthernet0/0ipaddress202.
38.
1.
2255.
255.
255.
0ipsecpolicypol1#interfaceGigabitEthernet0/1ipaddress192.
168.
2.
1255.
255.
255.
0#firewallzonetrustaddinterfaceGigabitEthernet0/1setpriority85#firewallzoneuntrustaddinterfaceGigabitEthernet0/0setpriority5#iproute-static0.
0.
0.
00.
0.
0.
0202.
38.
1.
1preference60#2.
Eudemon200的主要配置#sysnameEudemon200#ikelocal-namezhongxin#firewallpacket-filterdefaultpermitinterzonelocaltrustdirectioninboundfirewallpacket-filterdefaultpermitinterzonelocaltrustdirectionoutboundfirewallpacket-filterdefaultpermitinterzonelocaluntrustdirectioninboundfirewallpacket-filterdefaultpermitinterzonelocaluntrustdirectionoutboundfirewallpacket-filterdefaultpermitinterzonelocalDMZdirectioninboundfirewallpacket-filterdefaultpermitinterzonelocalDMZdirectionoutboundfirewallpacket-filterdefaultpermitinterzonetrustuntrustdirectioninboundfirewallpacket-filterdefaultpermitinterzonetrustuntrustdirectionoutboundfirewallpacket-filterdefaultpermitinterzonetrustDMZdirectioninboundfirewallpacket-filterdefaultpermitinterzonetrustDMZdirectionoutboundfirewallpacket-filterdefaultpermitinterzoneDMZuntrustdirectioninboundfirewallpacket-filterdefaultpermitinterzoneDMZuntrustdirectionoutbound#natalgenableftpnatalgenablednsnatalgenableicmpnatalgenablenetbiosundonatalgenableh323undonatalgenablehwccundonatalgenableilsundonatalgenablepptpundonatalgenableqqundonatalgenablemsnundonatalgenableuser-define#firewallstatisticsystemenable#ikepeer1exchange-modeaggressivepre-shared-key123local-id-typenameremote-namefenzhinattraversal#ipsecproposal1#ipsecpolicy-templatetemp1ike-peer1proposal1#ipsecpolicypol11isakmptemplatetemp#interfaceEthernet0/0/0ipaddress202.
38.
1.
1255.
255.
255.
0ipsecpolicypol1#interfaceEthernet0/0/1ipaddress192.
168.
1.
1255.
255.
255.
0#firewallzonetrustaddinterfaceEthernet0/0/1setpriority85#firewallzoneuntrustaddinterfaceEthernet0/0/0setpriority5#iproute-static0.
0.
0.
00.
0.
0.
0202.
38.
1.
2#四、配置关键点略.
月神科技-美国CERA 5折半价倒计时,上新华中100G高防云59起!
官方网站:点击访问月神科技官网优惠码:美国优惠方案:CPU:E5-2696V2,机房:国人热衷的优质 CeraNetworks机房,优惠码:3wuZD43F 【过期时间:5.31,季付年付均可用】活动方案:1、美国机房:洛杉矶CN2-GIA,100%高性能核心:2核CPU内存:2GB硬盘:50GB流量:Unmilited端口:10Mbps架构:KVM折后价:15元/月、150元/年传送:购买链接洛...
江苏云服务器 2H2G 20M 79元/月 大宽带159元/月 高性能挂机宝6元/月 香港CN2 GIA、美国200G防御 CN2 GIA 折后18元/月 御速云
介绍:御速云成立于2021年的国人商家,深圳市御速信息技术有限公司旗下品牌,为您提供安全可靠的弹性计算服务,随着业务需求的变化,您可以实时扩展或缩减计算资源,使用弹性云计算可以极大降低您的软硬件采购成本,简化IT运维工作。主要从事VPS、虚拟主机、CDN等云计算产品业务,适合建站、新手上车的值得选择,拥有华东江苏、华东山东等国内优质云产品;香港三网直连(电信CN2GIA联通移动CN2直连);美国高...
Spinservers美国圣何塞服务器$111/月流量10TB
Spinservers是Majestic Hosting Solutions,LLC旗下站点,主营美国独立服务器租用和Hybrid Dedicated等,数据中心位于美国德克萨斯州达拉斯和加利福尼亚圣何塞机房。TheServerStore.com,自 1994 年以来,它是一家成熟的企业 IT 设备供应商,专门从事二手服务器和工作站业务,在德克萨斯州拥有 40,000 平方英尺的仓库,库存中始终有...
linux防火墙设置为你推荐
-
企业信息查询系统官网怎么在网上查询企业营业执照是否存在?cuteftp什么是CuteFTP?如何将网站内容上传(FTP)到网站空间?重庆电信dns重庆的DNS服务器地址是多少?ipad代理想买个ipad,3000至4000元左右有什么好的闪拍网闪拍网之类的网站怎么回事?厦门三五互联科技股份有限公司厦门三五互联做销售怎么样?三五互联科技股份有限公司三五互联 网站做的怎么样 公司打算做网站,近来接到电话,不知道网站做的如何,水平怎么样,后期的服务呢discuz伪静态DZ怎么开启全站伪静态kingcmsKingCMS 开始该则呢么设置呢?discuz!databaseerrorDiscuz,Database Error是什么原因,怎么修复