静态 IPv4 地址接入互联网
【摘要】 静态 IPv4 地址接入互联网 操作步骤 步骤1#配置各个接口IP地址并将其加入对应的安全区域。<FW> system-view[FW] interface GigabitEthernet 1/0/1[FW-GigabitEthernet1/0/1] ip address 1.1.1.1 255.255.255.0[FW-GigabitEthernet1/0/1] quit[FW] int...
静态 IPv4 地址接入互联网
操作步骤
步骤1
#配置各个接口IP地址并将其加入对应的安全区域。
<FW> system-view
[FW] interface GigabitEthernet 1/0/1
[FW-GigabitEthernet1/0/1] ip address 1.1.1.1 255.255.255.0
[FW-GigabitEthernet1/0/1] quit
[FW] interface GigabitEthernet 1/0/3
[FW-GigabitEthernet1/0/3] ip address 10.3.0.1 255.255.255.0
[FW-GigabitEthernet1/0/3] quit
[FW] firewall zone untrust
[FW-zone-untrust] add interface GigabitEthernet 1/0/1
[FW-zone-untrust] quit
[FW] firewall zone trust
[FW-zone-trust] add interface GigabitEthernet 1/0/3
[FW-zone-trust] quit
步骤2
#配置安全策略,允许内部网络中的PC访问Internet。
[FW] security-policy
[FW-security-policy] rule name policy_sec_1
[FW-security-policy-sec_policy_1] source-address 10.3.0.0 mask 255.255.255.0
[FW-security-policy-sec_policy_1] source-zone trust
[FW-security-policy-sec_policy_1] destination-zone untrust
[FW-security-policy-sec_policy_1] action permit
[FW-security-policy-sec_policy_1] quit
[FW-security-policy] quit
步骤3
#配置NAT策略,当内部网络中的PC访问Internet时进行地址转换。
[FW] nat-policy
[FW-policy-nat] rule name policy_nat_1
[FW-policy-nat-rule-policy_nat_1] source-address 10.3.0.0 mask 255.255.255.0
[FW-policy-nat-rule-policy_nat_1] source-zone trust
[FW-policy-nat-rule-policy_nat_1] egress-interface GigabitEthernet 1/0/1
[FW-policy-nat-rule-policy_nat_1] action nat easy-ip
[FW-policy-nat-rule-policy_nat_1] quit
[FW-policy-nat] quit
步骤4
#配置缺省路由,指定下一跳地址为1.1.1.254。
[FW] ip route-static 0.0.0.0 0.0.0.0 1.1.1.254
【版权声明】本文为华为云社区用户原创内容,未经允许不得转载,如需转载请自行联系原作者进行授权。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱:
cloudbbs@huaweicloud.com
- 点赞
- 收藏
- 关注作者
评论(0)