H3C SecPath F100-S-AC 透明模式配置脚本
H3C SecPath F100-S-AC 透明模式配置脚本
system-view firewall packet-filter enable firewall packet-filter default permit # undo connection-limit enable connection-limit default deny connection-limit default amount upper-limit 50 lower-limit 20 # firewall mode transparent firewall system-ip 10.0.0.2 255.255.255.0 firewall unknown-mac broadcast flood # firewall statistic system enable # radius scheme system server-type extended # domain system # local-user admin password simple admin service-type telnet level 3 # interface Aux0 async mode flow # interface Ethernet0/0 promiscuous # interface Ethernet0/1 promiscuous # interface Ethernet0/2 promiscuous # interface Ethernet0/3 promiscuous # interface Encrypt1/0 # interface NULL0 # interface LoopBack0 ip address 10.0.0.2 255.255.255.0 # firewall zone local set priority 100 # firewall zone trust add interface Ethernet0/1 set priority 85 # firewall zone untrust add interface Ethernet0/0 set priority 5 # firewall zone DMZ set priority 50 # firewall interzone local trust # firewall interzone local untrust # firewall interzone local DMZ # firewall interzone trust untrust # firewall interzone trust DMZ # firewall interzone DMZ untrust # user-interface con 0 user-interface aux 0 user-interface vty 0 4 #Or return
发表评论
| Trackback
