内网通过公网地址访问内部服务器一、组网拓扑: Secpath100f S3026E 0/0: ( TRUST ) 172 . 1/0: (外网) 3 /22 1/2 ( DMZ ) (TRUST) 公网 DNS 服务器 Ftp-server , .(DMZ) 二、组网需求: 要求内部用户访问内部服务器时, 可通过外网映射的地址访问服务器( WWW , FT P 等)。三、配置实例如下: <Quidway>dis cur # sysname Quidway # firewall packet-filter enable firewall packet-filter default permit # undo insulate # undo connection-limit enable connection-limit default deny connection-limit default amount upper-limit 50 lower-limit 20 # firewall statistic system enable # radius scheme system # domain system # acl number 2000 rule 0 permit source # interface Aux0 async mode flow # interface 0/0 ip address nat server protocol tcp global . www # interface 1/0 ip address .193 nat outbound 2000 nat server protocol tcp global . www # interface 1/1 # interface 1/2 ip address # interface NULL0 # firewall zone local set priority 100 # firewall zone trust add interface 0/0 set priority 85 # firewall zone untrust add interface 1/0 set priority 5# firewall zone DMZ add interface 1/2 set priority 50 # firewall interzone local trust # firewall interzone local untrust # firewall interzone local DMZ # firewall interzone trust untrust # firewall interzone trust DMZ # firewall interzone DM
内网通过公网地址访问内部服务器 来自淘豆网m.daumloan.com转载请标明出处.
