4,356
社区成员
发帖
与我相关
我的任务
分享华为acl问题
#
sysname Quidway
#
clock timezone gmt+08:004 add 08:00:00
#
cpu-usage cycle 1min
#
connection-limit disable
connection-limit default action deny
connection-limit default amount upper-limit 50 lower-limit 20
#
dialer-rule 1 ip permit
#
web set-package force flash:/http.zip
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
dhcp server ip-pool h3c
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
#
detect-group 1
detect-list 1 ip address 10.207.235.2
#
acl number 2000
rule 0 permit source 192.168.1.0 0.0.0.255
rule 1 deny
acl number 2001
rule 0 permit source 192.168.1.0 0.0.0.50
rule 1 deny
#
interface Dialer1
link-protocol ppp
ppp chap user 87110000667@crc.201
ppp chap password simple 196812
ppp pap local-user 8711000667@crc.201 password simple 196812
ppp ipcp dns admit-any
ppp ipcp dns request
tcp mss 1024
ip address ppp-negotiate
dialer user 8711000667@crc.201
dialer bundle 1
dialer-group 1
nat outbound 3000
nat outbound 2001
#
interface Ethernet1/0
pppoe-client dial-bundle-number 1
ip address dhcp-alloc
dhcp select relay
#
interface Ethernet2/0
ip address 10.207.235.71 255.255.255.0
dhcp select relay
nat outbound 2000
#
interface Ethernet3/0
ip address 192.168.1.1 255.255.255.0
dhcp select relay
#
interface Ethernet3/1
#
interface Ethernet3/2
#
interface Ethernet3/3
#
interface Ethernet3/4
#
interface Ethernet3/5
#
interface Ethernet3/6
#
interface Ethernet3/7
#
interface Ethernet3/8
#
interface Ethernet3/9
#
interface Ethernet3/10
#
interface Ethernet3/11
#
interface Ethernet3/12
#
interface Ethernet3/13
#
interface Ethernet3/14
#
interface Ethernet3/15
#
interface Ethernet3/16
#
interface Ethernet3/17
#
interface Ethernet3/18
#
interface Ethernet3/19
#
interface Ethernet3/20
#
interface Ethernet3/21
#
interface Ethernet3/22
#
interface Ethernet3/23
#
interface Ethernet3/24
#
interface NULL0
#
FTP server enable
#
dhcp server forbidden-ip 192.168.1.1
dhcp server forbidden-ip 192.168.1.254
undo dhcp enable
#
ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 80
ip route-static 10.0.0.0 255.0.0.0 10.207.235.2 preference 60 detect-group 1
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
#
return
为何2、50能上外网,20、40、49等却不能?
sysname Quidway
#
clock timezone gmt+08:004 add 08:00:00
#
cpu-usage cycle 1min
#
connection-limit disable
connection-limit default action deny
connection-limit default amount upper-limit 50 lower-limit 20
#
dialer-rule 1 ip permit
#
web set-package force flash:/http.zip
#
radius scheme system
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
dhcp server ip-pool h3c
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
#
detect-group 1
detect-list 1 ip address 10.207.235.2
#
acl number 2000
rule 0 permit source 192.168.1.0 0.0.0.255
rule 1 deny
acl number 2001
rule 0 permit source 192.168.1.0 0.0.0.50
rule 1 deny
#
interface Dialer1
link-protocol ppp
ppp chap user 87110000667@crc.201
ppp chap password simple 196812
ppp pap local-user 8711000667@crc.201 password simple 196812
ppp ipcp dns admit-any
ppp ipcp dns request
tcp mss 1024
ip address ppp-negotiate
dialer user 8711000667@crc.201
dialer bundle 1
dialer-group 1
nat outbound 3000
nat outbound 2001
#
interface Ethernet1/0
pppoe-client dial-bundle-number 1
ip address dhcp-alloc
dhcp select relay
#
interface Ethernet2/0
ip address 10.207.235.71 255.255.255.0
dhcp select relay
nat outbound 2000
#
interface Ethernet3/0
ip address 192.168.1.1 255.255.255.0
dhcp select relay
#
interface Ethernet3/1
#
interface Ethernet3/2
#
interface Ethernet3/3
#
interface Ethernet3/4
#
interface Ethernet3/5
#
interface Ethernet3/6
#
interface Ethernet3/7
#
interface Ethernet3/8
#
interface Ethernet3/9
#
interface Ethernet3/10
#
interface Ethernet3/11
#
interface Ethernet3/12
#
interface Ethernet3/13
#
interface Ethernet3/14
#
interface Ethernet3/15
#
interface Ethernet3/16
#
interface Ethernet3/17
#
interface Ethernet3/18
#
interface Ethernet3/19
#
interface Ethernet3/20
#
interface Ethernet3/21
#
interface Ethernet3/22
#
interface Ethernet3/23
#
interface Ethernet3/24
#
interface NULL0
#
FTP server enable
#
dhcp server forbidden-ip 192.168.1.1
dhcp server forbidden-ip 192.168.1.254
undo dhcp enable
#
ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 80
ip route-static 10.0.0.0 255.0.0.0 10.207.235.2 preference 60 detect-group 1
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
#
return
为何2、50能上外网,20、40、49等却不能?
...全文
请发表友善的回复…
发表回复
meiZiNick 2008-05-01
- 打赏
- 举报
接分是王道!
UltraBejing 2008-05-01
- 打赏
- 举报
都是很好的建议! 值得学习
CathySun118 2008-03-24
- 打赏
- 举报
关注
一半乐事 2008-03-20
- 打赏
- 举报
不太理解你的问题。
你确认配置没有问题吗?
acl number 2001
rule 0 permit source 192.168.1.0 0.0.0.50
rule 1 deny
这种配法可以吗?以前没见过。
你确认配置没有问题吗?
acl number 2001
rule 0 permit source 192.168.1.0 0.0.0.50
rule 1 deny
这种配法可以吗?以前没见过。
dobear_0922 2008-02-19
- 打赏
- 举报
不清楚,帮顶
