In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
R1 in the configuration:
[R1]inter
[R1]interface e0/0/0
[R1-Ethernet0/0/0]ip add
[R1-Ethernet0/0/0]ip address 192.168.2.2 24
[R1]ip route-static 192.168.1.0 192.168.2.1 static route 255.255.255.0
Turn on Virtual Terminal Services
[R1]user-interface vty 0 4
[R1-ui-vty0-4]set authentication password
[R1-ui-vty0-4]set authentication password cipher 666
[R1-ui-vty0-4]user privilege level 3
Configuration of R2
[R2]interface e0/0/0
[R2-Ethernet0/0/0]ip add 192.168.1.2 24
[R2-Ethernet0/0/0]q
[R2]ip route-static 192.168.2.0 24 192.168.1.1
[R2]user-interface vty 0 4
[R2-ui-vty0-4]authentication-mode password
[R2-ui-vty0-4]set authentication password cipher 666
[R2-ui-vty0-4]user privilege level 3
firewall configuration
Configuration Interface Address:
interface GigabitEthernet0/0/0
ip address 192.168.2.1 255.255.255.0
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.0
Create a zone outside, set priority 30, and add interface G0/0/1 to the zone
firewall zone name outside
set priority 30
add interface GigabitEthernet0/0/1
View Area Default Policy
[SRG]display policy interzone local outside outbound
policy interzone local outside outbound
firewall default packet-filter is permit
Check if you can ping an external router. It's okay.
change the default policy
[SRG]firewall packet-filter default deny interzone local outside direction outbound
Check if you can ping an external router. It's not allowed,
Restore Default Policy
[SRG]firewall packet-filter default permit interzone local outside direction outbound
Check if R1 and R2 can telnet and ping, the result should be no.
How to let R1telnet to R2 and ping through, to allow outbound traffic between trust and outside, as follows:
Release outbound telnet and ICMP traffic
[SRG]policy interzone trust outside outbound
[SRG-policy-interzone-trust-outside-outbound]policy 1
[SRG-policy-interzone-trust-outside-outbound-1]policy source 192.168.2.2 0
[SRG-policy-interzone-trust-outside-outbound-1]policy destination 192.168.1.2 0
[SRG-policy-interzone-trust-outside-outbound-1]policy service service-set icmp telnet
[SRG-policy-interzone-trust-outside-outbound-1]action permit
[SRG-policy-interzone-trust-outside-outbound-1]q
[SRG-policy-interzone-trust-outside-outbound]q
Use R1 to telnet R2, log in successfully and then view the session table on the firewall
[SRG]display firewall session table
Current Total Sessions : 1
icmp ×××:public --> public 192.168.2.2:53419-->192.168.1.2:2048
[SRG]display firewall session table
09:46:55 2018/05/11
Current Total Sessions : 0
Consider how to release telnet from an outside host to an internal router???
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.