华为AR28-31路由器10.65.156.27
2010-01-02 22:12
309 查看
首先配置路由器的接口的ip地址,参考命令如下:
[R1]interfacee0
[R1-Ethernet0]ip add 192.168.2.124
[R1]interfacee1
[R1-Ethernet1]ip add192.192.169.1024//这里假设出口ip是192.192.169.10
然后配置地址转换,参考命令如下:
[R1]acl number 2000 //在vrp为3.4的路由器上,2000-2999表示basic acl
[R1-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255(地址掩码的反码)
[R1-acl-basic-2000]rule deny source any
#这个访问控制列表定义了IP源地址为192.168.2.0/24的外出数据包
[R1] interface e 1
[R1-Ethernet1]nat server protocol tcp global 192.192.169.10(E1的ip) inside 192.168.2.1(内网网关E0的ip)
[R1-Ethernet1] nat outbound 2000(acl的编号)
[R1]ip route-static 0.0.0.0 0.0.0.0 192.192.169.1
#上面设置了路由器的E0和E1端口IP地址,并在路由表中添加缺省路由。
配置实例:
<AR28-31>sys
System View: return to User View with Ctrl+Z.
[AR28-31]dis cur
#
sysname AR28-31
#
super password level 3 cipher 1^S=\(G5!WGQ=^Q`MAF4<1!!
#
nat address-group 1 10.63.128.41 10.63.128.41
nat static 10.65.156.80 10.63.128.16
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
local-user datapart
password cipher 1^S=\(G5!WGQ=^Q`MAF4<1!!
service-type telnet
level 3
local-user sjb
password cipher 1^S=\(G5!WGQ=^Q`MAF4<1!!
service-type telnet
level 3
#
acl number 2000
rule 0 permit source 10.65.160.0 0.0.0.255
rule 1 permit source 10.65.170.0 0.0.0.255
rule 2 permit source 10.65.162.0 0.0.0.255
rule 3 permit source 10.65.161.0 0.0.0.255
rule 4 permit source 10.65.163.0 0.0.0.255
rule 5 permit source 10.65.1.35 0
rule 6 permit source 10.21.0.121 0
rule 7 permit source 172.16.40.2 0
rule 10 permit source 10.21.0.1 0
rule 11 permit source 10.21.0.2 0
rule 12 permit source 10.21.0.30 0
rule 14 permit source 10.63.128.0 0.0.0.255
rule 15 permit source 10.65.156.0 0.0.0.255
rule 16 permit source 10.2.0.187 0
rule 20 permit source 10.2.0.55 0
rule 22 permit source 10.2.0.151 0
rule 24 permit source 192.168.30.0 0.0.0.255
rule 25 permit source 10.65.0.129 0
rule 26 permit source 10.65.164.101 0
rule 27 permit source 10.65.164.102 0
rule 28 permit source 10.65.164.103 0
rule 29 permit source 10.65.164.104 0
rule 30 permit source 10.65.164.105 0
rule 31 permit source 10.65.164.106 0
rule 32 permit source 10.65.164.107 0
rule 33 permit source 10.21.0.13 0
rule 34 deny
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address dhcp-alloc
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Ethernet3/0
ip address 10.63.128.55 255.255.255.0
nat outbound static
nat outbound 2000 address-group 1
#
interface Ethernet3/1
ip address 10.65.156.27 255.255.128.0
nat outbound static
#
interface NULL0
#
time-range nogame 07:30 to 11:00 working-day
time-range nogame 13:30 to 17:00 working-day
#
FTP server enable
#
ip route-static 0.0.0.0 0.0.0.0 10.65.155.0 preference 60
ip route-static 10.0.0.0 255.0.0.0 10.63.128.251 preference 60
ip route-static 10.20.0.0 255.255.128.0 10.65.150.1 preference 60
ip route-static 10.21.0.0 255.255.128.0 10.65.150.1 preference 60
ip route-static 10.65.155.18 255.255.255.255 10.65.155.0 preference 60
ip route-static 172.16.32.0 255.255.255.0 10.65.150.4 preference 60
ip route-static 172.16.40.0 255.255.255.0 10.65.150.4 preference 60
ip route-static 192.168.30.0 255.255.255.0 10.65.155.0 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
2009年5月20日更新本文出自 “孙瑞超博客” 博客,请务必保留此出处http://sunrc.blog.51cto.com/747991/254763
[R1]interfacee0
[R1-Ethernet0]ip add 192.168.2.124
[R1]interfacee1
[R1-Ethernet1]ip add192.192.169.1024//这里假设出口ip是192.192.169.10
然后配置地址转换,参考命令如下:
[R1]acl number 2000 //在vrp为3.4的路由器上,2000-2999表示basic acl
[R1-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255(地址掩码的反码)
[R1-acl-basic-2000]rule deny source any
#这个访问控制列表定义了IP源地址为192.168.2.0/24的外出数据包
[R1] interface e 1
[R1-Ethernet1]nat server protocol tcp global 192.192.169.10(E1的ip) inside 192.168.2.1(内网网关E0的ip)
[R1-Ethernet1] nat outbound 2000(acl的编号)
[R1]ip route-static 0.0.0.0 0.0.0.0 192.192.169.1
#上面设置了路由器的E0和E1端口IP地址,并在路由表中添加缺省路由。
配置实例:
<AR28-31>sys
System View: return to User View with Ctrl+Z.
[AR28-31]dis cur
#
sysname AR28-31
#
super password level 3 cipher 1^S=\(G5!WGQ=^Q`MAF4<1!!
#
nat address-group 1 10.63.128.41 10.63.128.41
nat static 10.65.156.80 10.63.128.16
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
local-user datapart
password cipher 1^S=\(G5!WGQ=^Q`MAF4<1!!
service-type telnet
level 3
local-user sjb
password cipher 1^S=\(G5!WGQ=^Q`MAF4<1!!
service-type telnet
level 3
#
acl number 2000
rule 0 permit source 10.65.160.0 0.0.0.255
rule 1 permit source 10.65.170.0 0.0.0.255
rule 2 permit source 10.65.162.0 0.0.0.255
rule 3 permit source 10.65.161.0 0.0.0.255
rule 4 permit source 10.65.163.0 0.0.0.255
rule 5 permit source 10.65.1.35 0
rule 6 permit source 10.21.0.121 0
rule 7 permit source 172.16.40.2 0
rule 10 permit source 10.21.0.1 0
rule 11 permit source 10.21.0.2 0
rule 12 permit source 10.21.0.30 0
rule 14 permit source 10.63.128.0 0.0.0.255
rule 15 permit source 10.65.156.0 0.0.0.255
rule 16 permit source 10.2.0.187 0
rule 20 permit source 10.2.0.55 0
rule 22 permit source 10.2.0.151 0
rule 24 permit source 192.168.30.0 0.0.0.255
rule 25 permit source 10.65.0.129 0
rule 26 permit source 10.65.164.101 0
rule 27 permit source 10.65.164.102 0
rule 28 permit source 10.65.164.103 0
rule 29 permit source 10.65.164.104 0
rule 30 permit source 10.65.164.105 0
rule 31 permit source 10.65.164.106 0
rule 32 permit source 10.65.164.107 0
rule 33 permit source 10.21.0.13 0
rule 34 deny
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address dhcp-alloc
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Ethernet3/0
ip address 10.63.128.55 255.255.255.0
nat outbound static
nat outbound 2000 address-group 1
#
interface Ethernet3/1
ip address 10.65.156.27 255.255.128.0
nat outbound static
#
interface NULL0
#
time-range nogame 07:30 to 11:00 working-day
time-range nogame 13:30 to 17:00 working-day
#
FTP server enable
#
ip route-static 0.0.0.0 0.0.0.0 10.65.155.0 preference 60
ip route-static 10.0.0.0 255.0.0.0 10.63.128.251 preference 60
ip route-static 10.20.0.0 255.255.128.0 10.65.150.1 preference 60
ip route-static 10.21.0.0 255.255.128.0 10.65.150.1 preference 60
ip route-static 10.65.155.18 255.255.255.255 10.65.155.0 preference 60
ip route-static 172.16.32.0 255.255.255.0 10.65.150.4 preference 60
ip route-static 172.16.40.0 255.255.255.0 10.65.150.4 preference 60
ip route-static 192.168.30.0 255.255.255.0 10.65.155.0 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
2009年5月20日更新本文出自 “孙瑞超博客” 博客,请务必保留此出处http://sunrc.blog.51cto.com/747991/254763
相关文章推荐
- 华为AR28-31路由器基于时间访问列表
- 华为AR28-31路由器的E1捆绑配置
- 华为AR28-31路由器的E1捆绑配置
- 华为AR28-31配置扫盲
- 华为AR28-31配置光纤接入
- 华为AR28-31配置PPPoE宽带接入
- 华为AR28-31配置PPPoE宽带接入
- H3C AR28-31路由器组网实验
- 华为AR28-31配置PPPoE宽带接入
- 华为AR28-31 异步拨号配置
- 华为AR28-31配置实现PPPOE server
- 华为AR28-31配置光纤接入
- 华为AR28-31通过单臂路由实现vlan间路由以及介入Internet 推荐
- H3C S5024P交换机 H3C AR28-31路由器命令
- AR28-31配置上网
- 2012年华为还将发布78款园区交换机,15款AR路由器,18款WLAN产品,7款数据中心交换
- 华为AR路由器双出口(PPPOE拨号)上网丢包卡顿问题
- 华为AR28系列限制最大链接数配置