华为USG6600防火墙NAT地址转换配置实例.docx
- 文档编号:11513246
- 上传时间:2023-06-01
- 格式:DOCX
- 页数:17
- 大小:119.18KB
华为USG6600防火墙NAT地址转换配置实例.docx
《华为USG6600防火墙NAT地址转换配置实例.docx》由会员分享,可在线阅读,更多相关《华为USG6600防火墙NAT地址转换配置实例.docx(17页珍藏版)》请在冰点文库上搜索。
华为USG6600防火墙NAT地址转换配置实例
华为USG6600防火墙NAT地址转换配置实例
[NAT-FW]配置
19:
19:
252015/11/02
#
interfaceGigabitEthernet0/0/0
aliasGE0/MGMT
ipaddress192.168.0.1255.255.255.0
dhcpselectinterface
dhcpservergateway-list192.168.0.1
#
interfaceGigabitEthernet0/0/1
ipaddress10.221.183.2255.255.255.0
#
interfaceGigabitEthernet0/0/2
ipaddress10.196.212.3255.255.255.0
#
interfaceGigabitEthernet0/0/3
ipaddress10.146.22.98255.255.255.252
#
interfaceGigabitEthernet0/0/4
#
interfaceGigabitEthernet0/0/5
#
interfaceGigabitEthernet0/0/6
#
interfaceGigabitEthernet0/0/7
#
interfaceGigabitEthernet0/0/8
#
interfaceNULL0
aliasNULL0
#
firewallzonelocal
setpriority100
#
firewallzonetrust
setpriority85
addinterfaceGigabitEthernet0/0/0
addinterfaceGigabitEthernet0/0/2
#
firewallzoneuntrust
setpriority5
addinterfaceGigabitEthernet0/0/3
#
firewallzonedmz
setpriority50
#
firewallzonenameivms
setpriority10
addinterfaceGigabitEthernet0/0/1
#
aaa
local-useradminpasswordcipher%$%$A`_&-qU7951.=&&W!
Jj-y2)}%$%$
local-useradminservice-typewebterminaltelnet
local-useradminlevel15
authentication-schemedefault
#
authorization-schemedefault
#
accounting-schemedefault
#
domaindefault
#
#
nqa-jittertag-version1
#
iproute-static10.0.0.0255.0.0.010.146.22.97
iproute-static10.196.202.0255.255.255.010.196.212.1
iproute-static10.196.204.0255.255.255.010.196.212.1
iproute-static10.221.0.0255.255.0.010.221.183.1
#
bannerenable
#
user-interfacecon0
authentication-modenone
user-interfacevty04
authentication-modenone
protocolinboundall
#
slb
#
right-managerserver-group
#
sysnameNAT-FW
#
l2tpdomainsuffix-separator@
#
firewallpacket-filterdefaultpermitinterzonelocaltrustdirectioninbound
firewallpacket-filterdefaultpermitinterzonelocaltrustdirectionoutbound
firewallpacket-filterdefaultpermitinterzonelocaluntrustdirectioninbound
firewallpacket-filterdefaultpermitinterzonelocaluntrustdirectionoutbound
firewallpacket-filterdefaultpermitinterzonelocaldmzdirectioninbound
firewallpacket-filterdefaultpermitinterzonelocaldmzdirectionoutbound
firewallpacket-filterdefaultpermitinterzonelocalivmsdirectioninbound
firewallpacket-filterdefaultpermitinterzonelocalivmsdirectionoutbound
firewallpacket-filterdefaultpermitinterzonetrustuntrustdirectioninbound
firewallpacket-filterdefaultpermitinterzonetrustuntrustdirectionoutbound
firewallpacket-filterdefaultpermitinterzonetrustdmzdirectioninbound
firewallpacket-filterdefaultpermitinterzonetrustdmzdirectionoutbound
firewallpacket-filterdefaultpermitinterzonetrustivmsdirectioninbound
firewallpacket-filterdefaultpermitinterzonetrustivmsdirectionoutbound
firewallpacket-filterdefaultpermitinterzonedmzuntrustdirectioninbound
firewallpacket-filterdefaultpermitinterzonedmzuntrustdirectionoutbound
firewallpacket-filterdefaultpermitinterzoneivmsuntrustdirectioninbound
firewallpacket-filterdefaultpermitinterzoneivmsuntrustdirectionoutbound
firewallpacket-filterdefaultpermitinterzonedmzivmsdirectioninbound
firewallpacket-filterdefaultpermitinterzonedmzivmsdirectionoutbound
#
ipdf-unreachablesenable
#
firewallipv6sessionlink-statecheck
firewallipv6statisticsystemenable
#
dnsresolve
#
firewallstatisticsystemenable
#
pkiocspresponsecacherefreshinterval0
pkiocspresponsecachenumber0
#
undodnsproxy
#
license-serverdomain
#
web-managerenable
#
nat-policyinterzonetrustivmsoutbound
policy0
actionsource-nat
easy-ipGigabitEthernet0/0/1
#
return
[TMIS-SW]配置
#
sysnameTMIS-SW
#
clusterenable
ntdpenable
ndpenable
#
dropillegal-macalarm
#
diffservdomaindefault
#
drop-profiledefault
#
aaa
authentication-schemedefault
authorization-schemedefault
accounting-schemedefault
domaindefault
domaindefault_admin
local-useradminpasswordsimpleadmin
local-useradminservice-typehttp
#
interfaceVlanif1
ipaddress10.196.212.1255.255.255.0
ipaddress10.196.202.1255.255.255.0sub
ipaddress10.196.204.1255.255.255.0sub
#
interfaceMEth0/0/1
#
interfaceGigabitEthernet0/0/1
#
interfaceGigabitEthernet0/0/2
#
interfaceGigabitEthernet0/0/3
#
interfaceGigabitEthernet0/0/4
#
interfaceGigabitEthernet0/0/5
#
interfaceGigabitEthernet0/0/6
#
interfaceGigabitEthernet0/0/7
#
interfaceGigabitEthernet0/0/8
#
interfaceGigabitEthernet0/0/9
#
interfaceGigabitEthernet0/0/10
#
interfaceGigabitEthernet0/0/11
#
interfaceGigabitEthernet0/0/12
#
interfaceGigabitEthernet0/0/13
#
interfaceGigabitEthernet0/0/14
#
interfaceGigabitEthernet0/0/15
#
interfaceGigabitEthernet0/0/16
#
interfaceGigabitEthernet0/0/17
#
interfaceGigabitEthernet0/0/18
#
interfaceGigabitEthernet0/0/19
#
interfaceGigabitEthernet0/0/20
#
interfaceGigabitEthernet0/0/21
#
interfaceGigabitEthernet0/0/22
#
interfaceGigabitEthernet0/0/23
#
interfaceGigabitEthernet0/0/24
#
interfaceNULL0
#
iproute-static10.0.0.0255.0.0.010.196.212.3
#
user-interfacecon0
user-interfacevty04
#
return
[TMIS-SHU]配置
#
sysnameTMIS-SHU
#
aaa
authentication-schemedefault
authorization-schemedefault
accounting-schemedefault
domaindefault
domaindefault_admin
local-useradminpasswordcipher"'(XSjA>n4=H)H2[EInBak2#
local-useradminservice-typehttp
#
firewallzoneLocal
priority16
#
interfaceEthernet0/0/0
#
interfaceEthernet0/0/1
#
interfaceSerial0/0/0
link-protocolppp
#
interfaceSerial0/0/1
link-protocolppp
#
interfaceSerial0/0/2
link-protocolppp
#
interfaceSerial0/0/3
link-protocolppp
#
interfaceGigabitEthernet0/0/0
ipaddress10.146.22.97255.255.255.252
#
interfaceGigabitEthernet0/0/1
#
interfaceGigabitEthernet0/0/2
#
interfaceGigabitEthernet0/0/3
#
wlan
#
interfaceNULL0
#
interfaceLoopBack0
ipaddress10.192.4.11255.255.255.255
#
iproute-static10.196.0.0255.255.0.010.146.22.98
#
user-interfacecon0
user-interfacevty04
user-interfacevty1620
#
return
[IVMS-SW]配置
#
sysnameIVMS-SW
#
clusterenable
ntdpenable
ndpenable
#
dropillegal-macalarm
#
diffservdomaindefault
#
drop-profiledefault
#
aaa
authentication-schemedefault
authorization-schemedefault
accounting-schemedefault
domaindefault
domaindefault_admin
local-useradminpasswordsimpleadmin
local-useradminservice-typehttp
#
interfaceVlanif1
#
interfaceMEth0/0/1
#
interfaceGigabitEthernet0/0/1
#
interfaceGigabitEthernet0/0/2
#
interfaceGigabitEthernet0/0/3
#
interfaceGigabitEthernet0/0/4
#
interfaceGigabitEthernet0/0/5
#
interfaceGigabitEthernet0/0/6
#
interfaceGigabitEthernet0/0/7
#
interfaceGigabitEthernet0/0/8
#
interfaceGigabitEthernet0/0/9
#
interfaceGigabitEthernet0/0/10
#
interfaceGigabitEthernet0/0/11
#
interfaceGigabitEthernet0/0/12
#
interfaceGigabitEthernet0/0/13
#
interfaceGigabitEthernet0/0/14
#
interfaceGigabitEthernet0/0/15
#
interfaceGigabitEthernet0/0/16
#
interfaceGigabitEthernet0/0/17
#
interfaceGigabitEthernet0/0/18
#
interfaceGigabitEthernet0/0/19
#
interfaceGigabitEthernet0/0/20
#
interfaceGigabitEthernet0/0/21
#
interfaceGigabitEthernet0/0/22
#
interfaceGigabitEthernet0/0/23
#
interfaceGigabitEthernet0/0/24
#
interfaceNULL0
#
user-interfacecon0
user-interfacevty04
#
Return
[IVMS-R]配置
#
sysnameIVMS-R
#
aaa
authentication-schemedefault
authorization-schemedefault
accounting-schemedefault
domaindefault
domaindefault_admin
local-useradminpasswordcipher%RnRIyYTPRpe}@HMNPn@fma#
local-useradminservice-typehttp
#
firewallzoneLocal
priority16
#
interfaceEthernet0/0/0
#
interfaceEthernet0/0/1
#
interfaceSerial0/0/0
link-protocolppp
#
interfaceSerial0/0/1
link-protocolppp
#
interfaceSerial0/0/2
link-protocolppp
#
interfaceSerial0/0/3
link-protocolppp
#
interfaceGigabitEthernet0/0/0
ipaddress10.221.183.1255.255.255.0
#
interfaceGigabitEthernet0/0/1
#
interfaceGigabitEthernet0/0/2
#
interfaceGigabitEthernet0/0/3
#
wlan
#
interfaceNULL0
#
interfaceLoopBack0
ipaddress10.192.4.11255.255.255.255
#
user-interfacecon0
user-interfacevty04
user-interfacevty1620
#
return
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 华为 USG6600 防火墙 NAT 地址 转换 配置 实例