In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-15 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Introduction to 1.VirtualWire
Virtual Wire mode can achieve security without changing the original network topology. Two interfaces are required to bind as a group. Can achieve all the security functions, support NAT. At the same time, the control of VLAN Tag between security zones can be realized.
The functions supported in this mode: App-ID, decryption, NAT, Content-ID, User-ID configuration step: create interface 2 in Virtual Wire object configuration Virtual Wire. The purpose of the experiment is to understand the principle of Virtual Wire, master the configuration of Virtual Wire and flexibly use this mode 3. Experimental topology information
Serial number device name interface information remarks 1R1E0/010.0.0.1/242SW1E0/1VLAN2E0/2Trunk3SW2E0/1VLAN2E0/2Trunk4PAE1/1Virtual Wire area: UntrustE1/2Virtual Wire area: Trust5R2E0/110.0.0.2/24 enable telnet4. Lab step 4.1 Network device initialization configuration R1&R2 configuration interface IP,R2 enable TelnetR1:-enconf tinterface e0/0ip address 10.0.0.1 255.255.255.0no shutdownR2:-enconf thostname R1interface e0/0ip address 10.0.0.2 255.255.255.0no shutdownexitline vty 0 4password ciscoSW1&SW2 create VLAN2 And configure interface E0amp1 and E0/2SW1:-enconf thostname SW1vlan 2exitinterface e0/1switch mode accessno shutdownexitinterface Ethernet0/2 switchport trunk encapsulation dot1q switchport mode trunk exit===SW2:-enconf thostname SW2vlan 2exitinterface e0/1switch mode accessno shutdownexitinterface Ethernet0/2 switchport trunk encapsulation dot1q switchport mode trunk exit4.2 PaloAlto configure VirtualWire to create VirtualWire group
Create Zone Trust and Untrust
Put E1Accord 1 and E1Placer 2 into the planned Zone and Virtual Wire groups, and set the mode to Virtual Wire
[Network]-[Interfaces]
4.3 configure policy to release Untrust to Trunst
[Policy]-[Security]
Description: remember Commit when the configuration is complete
5. Test and conclusion Telnet R2 test from R1
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
