H3C F1020 firewall as an LNS device: configuration script

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

The H3C F1020 firewall connects the user's intranet to the Internet and acts as the LNS device. Users connect to the operator's LAC device through a mobile phone APN, and the LAC establishes a tunnel with the LNS for authentication, so that users can access intranet resources from their mobile phones.

display cu
#
 version 7.1.064, Release 9313P07
#
 sysname H3C
#
context Admin id 1
#
ip vpn-instance management
 route-distinguisher 1000000000:1
 vpn-target 1000000000:1 import-extcommunity
 vpn-target 1000000000:1 export-extcommunity
#
 telnet server enable
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
#
 ip pool 1 10.60.8.2 10.60.8.254
 ip pool 1 gateway 10.60.8.1
#
nat address-group 0
 address XXXX XXXX
#
 password-recovery enable
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 2946
#
vlan 2949
#
interface Virtual-Template1
 ppp authentication-mode chap pap domain XXXX.vpdn.sd
 remote address pool 1
 ip address 10.60.8.1 255.255.255.0
#
interface NULL0
#
interface Vlan-interface10
#
interface Vlan-interface20
 ip address 192.168.5.1 255.255.255.0
#
interface Vlan-interface2946
#
interface Vlan-interface2949
#
interface GigabitEthernet1/0/0
 port link-mode route
 ip binding vpn-instance management
 ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
 port link-mode route
 ip address XXXX 255.255.255.248
 nat outbound address-group 0
#
interface GigabitEthernet1/0/3
 port link-mode route
#
interface GigabitEthernet1/0/4
 port link-mode route
#
interface GigabitEthernet1/0/5
 port link-mode route
#
interface GigabitEthernet1/0/6
 port link-mode route
#
interface GigabitEthernet1/0/7
 port link-mode route
#
interface GigabitEthernet1/0/8
 port link-mode route
#
interface GigabitEthernet1/0/9
 port link-mode route
#
interface GigabitEthernet1/0/10
 port link-mode route
#
interface GigabitEthernet1/0/11
 port link-mode route
#
interface GigabitEthernet1/0/12
 port link-mode route
#
interface GigabitEthernet1/0/13
 port link-mode route
#
interface GigabitEthernet1/0/14
 port link-mode route
#
interface GigabitEthernet1/0/15
 port link-mode route
#
interface GigabitEthernet1/0/16
 port link-mode route
#
interface GigabitEthernet1/0/17
 port link-mode route
#
interface GigabitEthernet1/0/18
 port link-mode route
#
interface GigabitEthernet1/0/19
 port link-mode route
#
interface GigabitEthernet1/0/20
 port link-mode route
#
interface GigabitEthernet1/0/21
 port link-mode route
#
interface GigabitEthernet1/0/22
 port link-mode route
#
interface GigabitEthernet1/0/23
 port link-mode route
#
interface GigabitEthernet1/0/2
 port link-mode bridge
 port access vlan 20
#
object-policy ip Any-Any
 rule 0 pass
#
object-policy ip Trust-Trust
 rule 0 pass
#
object-policy ip Untrust-Untrust
 rule 0 pass
#
security-zone name Local
#
security-zone name Trust
 import interface Virtual-Template1
 import interface Vlan-interface20
 import interface GigabitEthernet1/0/2 vlan 20
#
security-zone name DMZ
#
security-zone name Untrust
 import interface GigabitEthernet1/0/1
#
security-zone name Management
 import interface GigabitEthernet1/0/0
#
security-zone name 1
#
zone-pair security source Any destination Any
 object-policy apply ip Any-Any
#
zone-pair security source Trust destination Trust
 object-policy apply ip Trust-Trust
#
zone-pair security source Untrust destination Untrust
 object-policy apply ip Untrust-Untrust
#
 scheduler logfile size 16
#
line class aux
 user-role network-operator
#
line class console
 user-role network-admin
#
line class vty
 user-role network-operator
#
line aux 0
 user-role network-admin
#
line con 0
 authentication-mode scheme
 user-role network-admin
#
line vty 0 63
 authentication-mode scheme
 user-role network-admin
#
 ip route-static 0.0.0.0 0 XXXX
 ip route-static 10.60.1.0 24 XXXX
 ip route-static 10.60.2.0 24 XXXX
#
 ssh server enable
#
radius scheme XXXX
 primary authentication XXXX 1645
 primary accounting XXXX 1646
 key authentication cipher $cym3 $Ibank xuHLKFRh2Ix1jeKdyjzzpOJcdhdOKRYpo=
 key accounting cipher $Cobb 3 $oLHfHlz5Faj9pQf/TWOUPxyw0b1etDICO3M=
#
domain XXXX.vpdn.sd
 authentication login radius-scheme XXXX
 accounting login radius-scheme XXXX
 authentication ppp radius-scheme XXXX
 authorization ppp radius-scheme XXXX
 accounting ppp radius-scheme XXXX
 authentication default radius-scheme XXXX
 accounting default radius-scheme XXXX
#
domain system
#
 aaa session-limit ftp 16
 aaa session-limit telnet 16
 aaa session-limit ssh 16
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user admin class manage
 password hash $hong6 $8lPZCAvgBiKoLT5y$ivx6NKLL1FHF440QABdKIhvrfMcVjU79eYMJf88TLoD
A675FTabind IiCV85b434xgFh9 cards KSPrHDh6SmeksfcM1nAids =
 service-type ssh telnet terminal https
 authorization-attribute user-role level-3
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
l2tp-group 1 mode lns
 allow l2tp virtual-template 1
 tunnel name XXXX
 tunnel password cipher $cym3 $7amv4SHMA Universe Vy1kQnhxqMwM9QoAjyJjWnCgtogether =
#
 l2tp enable
#
 ip https enable
#
ips policy default
#
anti-virus policy default
#
return
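
An added example, not part of the original article: a small Python audit that walks a Comware configuration like the one above and flags four settings in it that a reviewer would question before reusing the script: the Telnet server, PAP accepted alongside CHAP on the virtual template, a pass-all object policy applied to the Any-to-Any zone pair, and a local user allowed to log in over Telnet. The sample text is a constructed excerpt of the page's configuration, assumed to be normalized to lower-case keywords, and the function names and finding labels are this example's own.

```python
import re

# Constructed excerpt of the configuration above (lower-case keywords assumed).
SAMPLE = """\
 telnet server enable
#
interface Virtual-Template1
 ppp authentication-mode chap pap domain XXXX.vpdn.sd
#
object-policy ip Any-Any
 rule 0 pass
#
zone-pair security source Any destination Any
 object-policy apply ip Any-Any
#
zone-pair security source Trust destination Trust
 object-policy apply ip Trust-Trust
#
local-user admin class manage
 service-type ssh telnet terminal https
"""

def parse_views(text):
    # '#' lines separate views; the first line of each block is its header
    blocks = [[l.strip() for l in b.splitlines() if l.strip()]
              for b in re.split(r"(?m)^#\s*$", text)]
    return [(b[0], b[1:]) for b in blocks if b]

def audit(text):
    views, found = parse_views(text), []
    # object-policy name -> True when every rule is an unconditional "pass"
    pass_all = {h.split()[-1]: bool(s) and all(re.fullmatch(r"rule \d+ pass", r) for r in s)
                for h, s in views if h.startswith("object-policy ip ")}
    for header, subs in views:
        for cmd in [header] + subs:
            w = cmd.split()
            if cmd == "telnet server enable":
                found.append("telnet-server")
            if w[:2] == ["ppp", "authentication-mode"] and "pap" in w:
                found.append("ppp-pap:" + header.split()[-1])
            if header.startswith("local-user ") and w[0] == "service-type" and "telnet" in w:
                found.append("local-user-telnet:" + header.split()[1])
            if (header == "zone-pair security source Any destination Any"
                    and w[:3] == ["object-policy", "apply", "ip"] and pass_all.get(w[-1])):
                found.append("any-any-pass:" + w[-1])
    return found

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

The Trust-to-Trust zone pair is not reported because the check only covers the Any-to-Any pair; extend `audit` if same-zone pass-all policies should also be reviewed.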
