acl+nat
[Router]display current
Now create configuration...
Current configuration
!
version 1.74
local-user hr service-type administrator password simple 密码
firewall enable
aaa-enable
login-method authorization-mode telnet default
aaa accounting-scheme optional
!
acl 10 match-order auto
rule normal permit source 192.168.0.0 0.0.255.255
!
acl 102 match-order auto
rule normal permit tcp source any destination any destination-port equal telnet
rule normal permit tcp source any destination any destination-port equal www
rule normal permit tcp source any destination any destination-port equal pop2
rule normal permit tcp source any destination any destination-port equal pop3
rule normal permit tcp source any destination any destination-port equal domain
rule normal permit tcp source any destination any destination-port equal smtp
rule normal permit udp source any destination any destination-port equal dns
rule normal permit icmp source any destination any
rule normal permit tcp source any destination any destination-port equal 9525
rule normal permit tcp source any destination any destination-port equal 9510
rule normal deny ip source any destination any
!
interface Aux0
async mode flow
link-protocol ppp
!
interface Ethernet0
ip address 192.168.8.1 255.255.255.0
firewall packet-filter 102 inbound
!
interface Ethernet1
ip address 218.*.*.74 255.255.255.240
nat outbound 10 interface
!
interface Serial0
link-protocol ppp
!
quit
ip route-static 0.0.0.0 0.0.0.0 218.*.*.65 preference 60
!
return
[Router]save
|
