h3c f100 s 防火墙接h3c msr20路由器 接主机,主机不能ping通外网网管
防火墙配置:firewallpacket-filterenablefirewallpacket-filterdefaultpermit#undoconnection-li...
防火墙配置: firewall packet-filter enable firewall packet-filter default permit# undo connection-limit enable connection-limit default deny connection-limit default amount upper-limit 50 lower-limit 20# firewall statistic system enable#radius scheme system server-type extended#interface Aux0 async mode flow#interface Ethernet0/0 ip address 172.10.11.156 255.255.255.0 nat outbound 3000#interface Ethernet0/1 ip address 10.1.1.2 255.255.255.0#interface Ethernet0/3 ip address 172.16.2.254 255.255.255.0#interface Encrypt1/0#interface NULL0#firewall zone local set priority 100#firewall zone trust add interface Ethernet0/1 add interface Ethernet0/2 add interface Ethernet0/3 set priority 85#firewall zone untrust add interface Ethernet0/0 set priority 5# firewall zone DMZ set priority 50#firewall interzone local trust#firewall interzone local untrust#firewall interzone local DMZ#firewall interzone trust untrust#firewall interzone trust DMZ#firewall interzone DMZ untrust# ip route-static 0.0.0.0 0.0.0.0 172.10.11.1 preference 60 ip route-static 172.20.20.0 255.255.255.0 10.1.1.1 preference 60#user-interface con 0user-interface aux 0user-interface vty 0 4#return
路由器配置了相应的接口地址和路由
ip route-static 0.0.0.0 0.0.0.0 10.1.1.2
相互都能ping通,但是172.20.20.101主机pig不通172.10.11.1
是不是防火墙连接172.10.11.1的接口少配置了什么东西?说是超时。
如何解决?请求帮助
请给出相应的指令,不要说参考哪里哪里·谢谢。我新手
路由器部分配置
#
interface Ethernet0/0
port link-mode route
ip address 10.1.1.1 255.255.255.0
#
interface Ethernet0/1
port link-mode route
ip address 172.20.20.1 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.1.2
#
load xml-configuration
#
user-interface con 0
user-interface tty 13
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return 展开
路由器配置了相应的接口地址和路由
ip route-static 0.0.0.0 0.0.0.0 10.1.1.2
相互都能ping通,但是172.20.20.101主机pig不通172.10.11.1
是不是防火墙连接172.10.11.1的接口少配置了什么东西?说是超时。
如何解决?请求帮助
请给出相应的指令,不要说参考哪里哪里·谢谢。我新手
路由器部分配置
#
interface Ethernet0/0
port link-mode route
ip address 10.1.1.1 255.255.255.0
#
interface Ethernet0/1
port link-mode route
ip address 172.20.20.1 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.1.2
#
load xml-configuration
#
user-interface con 0
user-interface tty 13
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return 展开
1个回答
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询