zone-pair security命令用来创建安全域间实例,并进入安全域间实例视图。如果指定的安全域实例已经存在,则直接进入安全域实例视图。 undo zone-pair security命令用来删除指定的安全域间实例。 【命令】 zone-pair security source { source-zone-name | any } destination {
zone-pair security source market destination database object-policy apply ip market-database # zone-pair security source president destination database object-policy apply ip president-database # · 安全策略的相关配置 # 转换后的安全策略对流量的控制,同样可以达到原对象策略所控制的效果。 # 转换完成后...
destination untrust[H3C-zone-pair-security-Trust-Untrust]object-policy apply ip trust-untrust[H3C-zone-pair-security-Trust-Untrust]quit[H3C]zone-pair security source untrust destination trust[H3C-zone-pair-security-Untrust-Trust]object-policy apply ip untrust-trust[H3C-zone-pair-security-Untrust-Trust...
security-zone name Management import interface GigabitEthernet1/0/0 # zone-pair security source Local destination Management packet-filter 3000 # zone-pair security source Management destination Local packet-filter 3000 登录防火墙进行配置adminadmin 配置内网接口 配置外网接口 配置防火墙静态路由,从防火墙返回内...
zone-pair security source Trust destination Untrust packet-filter 2999 zone-pair security source Untrust destination Trust packet-filter 3999最后编辑于 :2018.04.26 15:09:19 ©著作权归作者所有,转载或内容合作请联系作者平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人...
[fw-name]security-zone name trust //安全域[fw-name-security-zone-Trust]import interface g1/0/0 //把接口加入安全域[fw-name-security-zone-Trust]qu[fw-name]object-policy ip manage[fw-name-object-policy-ip-manage]rule pass //规则动作[fw-name-object-policy-ip-manage]zone-pair security ...
[FW1]security-zone name Trust [FW1-security-zone-Trust]import interface g1/0/1 [FW1]object-policy ip manage [FW1-object-policy-ip-manage]rule pass [FW1]zone-pair security source trust destination local [FW1-zone-pair-security-Trust-Local]object-policyapply ip manage ...
[fw-name-security-zone-Trust]import interface g1/0/0 //把接口加入安全域 [fw-name-security-zone-Trust]qu [fw-name]object-policy ip manage [fw-name-object-policy-ip-manage]rule pass //规则动作 [fw-name-object-policy-ip-manage]zone-pair security source trust destination local //域间应用...
[H3C-zone-pair-security-Local-Trust]object-policy apply ip pass [H3C-zone-pair-security-Local-Trust]quit 3.9 配置DHCP服务 #开启DHCP服务并指定动态下发的地址以及网关等参数。 [H3C]dhcp enable [H3C]dhcp server ip-pool 1 [H3C-dhcp-pool-1]network 192.168.10.0 mask 255.255.255.0 ...
zone-pairsecuritysourcetrustdestinationuntrust//在域间实例上应用ASPF策略 aspfapplypolicy1 2、包过滤策略配置: security-zonenamemanagement//将管理口加入management区域 importinterfaceM-g1/0/0/0 security-zonenametrust//将接口G1/2/0/1加入到trust区域 importinterfaceG1/2/0/1 security-zonename...