注意:在<SRG2210>模式下进入[SRG2210]模式命令为:system
在[SRG2210]模式下退到<SRG2210>模式命令为:quit
1.配置公网NAT转换地址池
[SRG2210]nat address-group 0 211.137.5.22 211.137.5.22
2.配置acl列表允许规则
[SRG2210]acl number 2000
[SRG2210-acl-basic-2000]rule permit source 192.168.1.1 0.0.0.255
[SRG2210-acl-basic-2000]quit
3.使能dhcp服务器(功能开启)
[SRG2210]dhcp enable
4.配置用户侧局域网网关地址 dhcp 服务器
[SRG2210]interface GigabitEthernet 0/0/0
大师球[SRG2210-GigabitEthernet0/0/0]ip address 192.168.1.1 255.255.255.0
[SRG2210-GigabitEthernet0/0/0]dhcp select interface
[SRG2210-GigabitEthernet0/0/0]dhcp server dns-list 211.140.197.58 211.137.32.178
[SRG2210-GigabitEthernet0/0/0]quit
5.配置移动侧广域网互联地址及10M网速 全双工工作方式
[SRG2210]interface GigabitEthernet 0/0/1
[SRG2210-GigabitEthernet0/0/1]ip address 211.137.5.22 255.255.255.0
[SRG2210-GigabitEthernet0/0/1]speed 10
[SRG2210-GigabitEthernet0/0/1]duplex full
[SRG2210-GigabitEthernet0/0/1]quit
6.配置信任域端口
[SRG2210]firewall zone trust
[SRG2210-zone-trust]add interface GigabitEthernet 0/0/0
[SRG2210-zone-trust]quit
7.配置非信任域端口
[SRG2210]firewall zone untrust
[SRG2210-zone-untrust]add interface GigabitEthernet 0/0/1
[SRG2210-zone-untrust]quit
8.配置信任域到非信任域匹配规则(nat地址转换)
[SRG2210]firewall interzone trust untrust
[SRG2210-interzone-trust-untrust]nat outbound 2000 address-group 0
深圳木屋烧烤
9.配置默认静态路由贵州特产
[SRG2210]ip route-static 0.0.0.0 0.0.0.0 211.137.5.1
一般现在时的句子10.保存配置
[SRG2210]quit撒贝宁否认转幕后
<SRG2210>save
The current configuration will be written to the device.
Caution: Executing the "save" command on the firewall can affect the quality of
some types of traffic at the time of configuration saving.
Are you sure?[Y/N]y
Now saving the current configuration to
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论