如题
配置如下,请大侠们帮帮我啊,谢谢
[Router]dis cu
Now create configuration...
Current configuration
!
version 1.74
local-user 8282828282 service-type administrator password simple 828282828282
local-user ybwc service-type ppp password simple ybwc
l2tp enable
ip pool 1 192.168.0.100 192.168.0.150
firewall enable
aaa-enable
aaa accounting-scheme optional
!
acl 2000 match-order auto
rule normal permit source 192.168.0.2 0.0.0.0
rule normal permit source 192.168.0.1 0.0.0.0
rule normal permit source 192.168.0.3 0.0.0.0
rule normal permit source 192.168.0.4 0.0.0.0
rule normal permit source 192.168.0.5 0.0.0.0
rule normal permit source 192.168.0.6 0.0.0.0
rule normal permit source 192.168.0.7 0.0.0.0
rule normal permit source 192.168.0.8 0.0.0.0
rule normal permit source 192.168.0.9 0.0.0.0
rule normal permit source 192.168.0.10 0.0.0.0
rule normal permit source 192.168.0.11 0.0.0.0
rule normal permit source 192.168.0.12 0.0.0.0
rule normal permit source 192.168.0.13 0.0.0.0
rule normal permit source 192.168.0.14 0.0.0.0
rule normal permit source 192.168.0.15 0.0.0.0
rule normal permit source 192.168.0.16 0.0.0.0
rule normal permit source 192.168.0.17 0.0.0.0
rule normal permit source 192.168.0.18 0.0.0.0
rule normal permit source 192.168.0.19 0.0.0.0
rule normal permit source 192.168.0.20 0.0.0.0
rule normal deny source any
!
acl 3001 match-order auto
rule normal deny tcp source any destination any destination-port equal 445
!
acl 3002 match-order auto
rule normal deny tcp source any destination any destination-port equal 5554
!
acl 3003 match-order auto
rule normal deny tcp source any destination any destination-port equal 9996
!
acl 3004 match-order auto
rule normal deny tcp source any destination any destination-port equal 135
rule normal deny tcp source any destination any destination-port equal 136
rule normal deny tcp source any destination any destination-port equal 137
rule normal deny tcp source any destination any destination-port equal 138
rule normal deny tcp source any destination any destination-port equal 139
rule normal deny tcp source any destination any destination-port equal 443
rule normal deny udp source any destination any destination-port equal 135
rule normal deny udp source any destination any destination-port equal 136
rule normal deny udp source any destination any destination-port equal 445
rule normal deny tcp source any destination any destination-port equal 445
rule normal deny udp source any destination any destination-port equal netbi
os-ns
rule normal deny udp source any destination any destination-port equal netbi
os-dgm
rule normal deny udp source any destination any destination-port equal netbi
os-ssn
!
interface Au820
async mode flow
link-protocol ppp
!
interface Ethernet0
ip address 192.168.0.88 255.255.255.0
firewall packet-filter 3004 inbound
firewall packet-filter 3003 inbound
firewall packet-filter 3002 inbound
firewall packet-filter 3001 inbound
firewall packet-filter 3001 outbound
!
interface Ethernet1
ip address 220.166.123.82 255.255.255.0
nat outbound 2000 interface
nat server global 220.166.123.82 www inside 192.168.0.3 www tcp
nat server global 220.166.123.82 5632 inside 192.168.0.11 5632 tcp
nat server global 220.166.123.82 5631 inside 192.168.0.11 5631 tcp
nat server global 220.166.123.82 1433 inside 192.168.0.3 1433 tcp
!
interface Serial0
link-protocol ppp
!
interface Serial1
link-protocol ppp
!
interface Virtual-Template1
link-protocol ppp
ppp authentication-mode chap
remote address pool 1
ip address unnumbered Ethernet0
!
l2tp-group 1
! Default L2TP group
allow l2tp virtual-template 1
mandatory-lcp
mandatory-chap
tunnel name ybwc
undo tunnel authentication
!
quit
ip route-static 0.0.0.0 0.0.0.0 220.166.123.1 preference 60
!
return
[Router]
欢迎光临 千家论坛_智能建筑与智能家居技术交流社区 (http://bbs.qianjia.com:8020/) | Powered by Discuz! X3.2 |