拓扑图

实验代码

FW2<USG6000V1>dis cu

!Software Version V500R001C10
#
sysname USG6000V1
#
 l2tp enable
 undo l2tp sendaccm enable
 l2tp domain suffix-separator @
#
undo info-center enable
#
undo telnet server enable
undo telnet ipv6 server enable
#
 firewall packet-filter basic-protocol enable
#
 firewall detect ftp
#
 log type traffic enable
 log type syslog enable
 log type policy enable
#
 undo dataflow enable
#
 isp name "china mobile"
 isp name "china mobile" set filename china-mobile.csv
 isp name "china unicom"
 isp name "china unicom" set filename china-unicom.csv
 isp name "china telecom"
 isp name "china telecom" set filename china-telecom.csv
 isp name "china educationnet"
 isp name "china educationnet" set filename china-educationnet.csv
#
 snmp-agent session history-max-number enable
 snmp-agent session trap threshold 4000
 snmp-agent session-rate trap threshold 24000
#
 web-manager security version tlsv1 tlsv1.1
 web-manager security enable
#
firewall dataplane to manageplane application-apperceive default-action drop
#
 update schedule ips-sdb daily 07:52
 update schedule av-sdb daily 07:52
 update schedule sa-sdb daily 07:52
 update schedule cnc daily 07:52
#
ip vpn-instance default
 ipv4-family
#
 time-range worktime
  period-range 08:00:00 to 18:00:00 working-day
#
ip pool 1
 section 0 192.168.3.1 192.168.3.10
#
aaa
 authentication-scheme default
 authentication-scheme admin_local
 authentication-scheme admin_radius_local
 authentication-scheme admin_hwtacacs_local
 authentication-scheme admin_ad_local
 authentication-scheme admin_ldap_local
 authentication-scheme admin_radius
 authentication-scheme admin_hwtacacs
 authentication-scheme admin_ad
 authentication-scheme admin_ldap
 authorization-scheme default
 accounting-scheme default
 domain default
  service-type l2tp ike
  reference user current-domain
 manager-user password-modify enable
 manager-user audit-admin
  password cipher @%@%_2s{3z.rQ/i;6eTu:\/4KVfWJTxj'{j1rB5F;vM;f)<$VfZK@%@%
  service-type web terminal
  level 15

manager-user api-admin
  password cipher @%@%X[fs$(._k8,`cM5+Qn[ALB=w`yCt~d0aF#hA$<Ge.X+"B=zL@%@%
  service-type api
  level 15

manager-user admin
  password cipher @%@%L06(/w:^2A5)LVB)9x'HIjUQG("686}9S~[uo8Nk.P6IjUTI@%@%
  service-type web terminal
  level 15

role system-admin
  dashboard read-write
  monitor read-write
  policy read-write
  object read-write
  network read-write
  system read-write
 role device-admin
  dashboard read-only
  monitor read-only log log-traffic log-threat log-policy-matching report traffi
c-map threat-map session statistic statistic-acl
  monitor none diagnose
  policy read-write
  object read-write
  network read-write
  system read-write high-reliability
  system none configuration vsys license update-center mail-send feedback
 role device-admin(monitor)
  dashboard read-only
  monitor read-only log log-traffic log-threat log-policy-matching report traffi
c-map threat-map session statistic statistic-acl
  monitor none diagnose
  policy read-only
  object read-only
  network read-only
  system read-only high-reliability
  system none configuration vsys license update-center mail-send feedback
 role audit-admin
  dashboard read-only
  monitor read-write log-audit
  monitor read-only log log-traffic log-threat log-syslog log-policy-matching re
port traffic-map threat-map
  monitor none session statistic statistic-acl diagnose
  policy none
  object none
  network none
  system none
 bind manager-user audit-admin role audit-admin
#
interface GigabitEthernet0/0/0
 undo shutdown
 ip binding vpn-instance default
 ip address 192.168.0.1 255.255.255.0
 service-manage http permit
 service-manage https permit
 service-manage ping permit
 service-manage ssh permit
 service-manage snmp permit
 service-manage telnet permit
 service-manage netconf permit
#
interface GigabitEthernet1/0/0
 undo shutdown
 ip address 61.67.1.2 255.255.255.0
 service-manage ping permit
#
interface GigabitEthernet1/0/1
 undo shutdown
 ip address 192.168.1.1 255.255.255.0
 service-manage ping permit
#
interface GigabitEthernet1/0/2
 undo shutdown
#
interface GigabitEthernet1/0/3
 undo shutdown
#
interface GigabitEthernet1/0/4
 undo shutdown
#
interface GigabitEthernet1/0/5
 undo shutdown
#
interface GigabitEthernet1/0/6
 undo shutdown
#
interface Virtual-if0
#
interface NULL0
#
firewall zone local
 set priority 100
#
firewall zone trust
 set priority 85
 add interface GigabitEthernet0/0/0
 add interface GigabitEthernet1/0/1
#
firewall zone untrust
 set priority 5
 add interface GigabitEthernet1/0/0
#
firewall zone dmz
 set priority 50
#
l2tp-group 1
 tunnel name LNS
#
l2tp-group default-lns
#
ip route-static 0.0.0.0 0.0.0.0 61.67.1.1
#
undo ssh server compatible-ssh1x enable
#
user-interface con 0
 authentication-mode password
 set authentication password cipher $1a$6a,J-D6DR5$4MLT/){&w7P\1Q2eP^)'M{cY9ZB,*
4XdkW9j;m`7$
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound ssh
user-interface vty 16 20
#
sa
#
location
#
 multi-interface
  mode proportion-of-weight
#
security-policy
 rule name T_UN
  source-zone trust
  destination-zone untrust
  action permit
 rule name UN_LOCAL
  source-zone untrust
  destination-zone local
  action permit
#
traffic-policy
#
policy-based-route
#
nat-policy
 rule name N_W
  source-zone trust
  destination-zone untrust
  action nat easy-ip
#
pcp-policy
#
dns-transparent-policy
#
return

FW3[USG6000V1]dis cu

!Software Version V500R001C10
#
sysname USG6000V1
#
 undo l2tp sendaccm enable
 l2tp domain suffix-separator @
#
undo info-center enable
#
undo telnet server enable
undo telnet ipv6 server enable
#
 firewall packet-filter basic-protocol enable
#
 firewall detect ftp
#
 log type traffic enable
 log type syslog enable
 log type policy enable
#
 undo dataflow enable
#
 isp name "china mobile"
 isp name "china mobile" set filename china-mobile.csv
 isp name "china unicom"
 isp name "china unicom" set filename china-unicom.csv
 isp name "china telecom"
 isp name "china telecom" set filename china-telecom.csv
 isp name "china educationnet"
 isp name "china educationnet" set filename china-educationnet.csv
#
 snmp-agent session history-max-number enable
 snmp-agent session trap threshold 4000
 snmp-agent session-rate trap threshold 24000
#
 web-manager security version tlsv1 tlsv1.1
 web-manager security enable
#
firewall dataplane to manageplane application-apperceive default-action drop
#
 update schedule ips-sdb daily 02:11
 update schedule av-sdb daily 02:11
 update schedule sa-sdb daily 02:11
 update schedule cnc daily 02:11
#
ip vpn-instance default
 ipv4-family
#
 time-range worktime
  period-range 08:00:00 to 18:00:00 working-day
#
aaa
 authentication-scheme default
 authentication-scheme admin_local
 authentication-scheme admin_radius_local
 authentication-scheme admin_hwtacacs_local
 authentication-scheme admin_ad_local
 authentication-scheme admin_ldap_local
 authentication-scheme admin_radius
 authentication-scheme admin_hwtacacs
 authentication-scheme admin_ad
 authentication-scheme admin_ldap
 authorization-scheme default
 accounting-scheme default
 domain default
  service-type l2tp ike
  reference user current-domain
 manager-user password-modify enable
 manager-user audit-admin
  password cipher @%@%U*eEK<|Xk6]Q[25%tt[><.u*HyBw~g7/7(fP.5B|4<JL.u-<@%@%
  service-type web terminal
  level 15

manager-user api-admin
  password cipher @%@%rs#k=5lq5-@{PK,@SVFW=ezJ=l)B~TrT,,b&gJ*'oi:LezM=@%@%
  service-type api
  level 15

manager-user admin
  password cipher @%@%JNJB*6zo2+Jv;3Q8d%fB!P#htp<BD`K882_`saA*B-ZLP#k!@%@%
  service-type web terminal
  level 15

role system-admin
  dashboard read-write
  monitor read-write
  policy read-write
  object read-write
  network read-write
  system read-write
 role device-admin
  dashboard read-only
  monitor read-only log log-traffic log-threat log-policy-matching report traffi
c-map threat-map session statistic statistic-acl
  monitor none diagnose
  policy read-write
  object read-write
  network read-write
  system read-write high-reliability
  system none configuration vsys license update-center mail-send feedback
 role device-admin(monitor)
  dashboard read-only
  monitor read-only log log-traffic log-threat log-policy-matching report traffi
c-map threat-map session statistic statistic-acl
  monitor none diagnose
  policy read-only
  object read-only
  network read-only
  system read-only high-reliability
  system none configuration vsys license update-center mail-send feedback
 role audit-admin
  dashboard read-only
  monitor read-write log-audit
  monitor read-only log log-traffic log-threat log-syslog log-policy-matching re
port traffic-map threat-map
  monitor none session statistic statistic-acl diagnose
  policy none
  object none
  network none
  system none
 bind manager-user audit-admin role audit-admin
#
interface GigabitEthernet0/0/0
 undo shutdown
 ip binding vpn-instance default
 ip address 192.168.0.1 255.255.255.0
 service-manage http permit
 service-manage https permit
 service-manage ping permit
 service-manage ssh permit
 service-manage snmp permit
 service-manage telnet permit
 service-manage netconf permit
#
interface GigabitEthernet1/0/0
 undo shutdown
 ip address 192.168.2.1 255.255.255.0
 service-manage ping permit
#
interface GigabitEthernet1/0/1
 undo shutdown
 ip address 61.67.2.3 255.255.255.0
 service-manage ping permit
#
interface GigabitEthernet1/0/2
 undo shutdown
#
interface GigabitEthernet1/0/3
 undo shutdown
#
interface GigabitEthernet1/0/4
 undo shutdown
#
interface GigabitEthernet1/0/5
 undo shutdown
#
interface GigabitEthernet1/0/6
 undo shutdown
#
interface Virtual-if0
#
interface NULL0
#
firewall zone local
 set priority 100
#
firewall zone trust
 set priority 85
 add interface GigabitEthernet0/0/0
 add interface GigabitEthernet1/0/0
#
firewall zone untrust
 set priority 5
 add interface GigabitEthernet1/0/1
#
firewall zone dmz
 set priority 50
#
l2tp-group default-lns
#
ip route-static 0.0.0.0 0.0.0.0 61.67.2.1
#
undo ssh server compatible-ssh1x enable
#
user-interface con 0
 authentication-mode password
 set authentication password cipher $1a$,6;N&se_S8$4Z)_<I~}r*08_jXTcIn*0*db=Gv3z
QztnQ/b7DvC$
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound ssh
user-interface vty 16 20
#
sa
#
location
#
 multi-interface
  mode proportion-of-weight
#
security-policy
 default action permit
#
traffic-policy
#
policy-based-route
#
nat-policy
 rule name N_W
  source-zone trust
  destination-zone untrust
  action nat easy-ip
#
pcp-policy
#
dns-transparent-policy
#
return

<ar1>dis cu

[V200R003C00]
#
 sysname ar1
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 61.67.1.1 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 61.67.2.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 61.67.1.2
ip route-static 0.0.0.0 0.0.0.0 61.67.2.3
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

拓扑网络连通1-ensp相关推荐

  1. 计算机网络课程实验---使用思科PT进行拓扑网络搭建并ping通

    计算机网络课程实验-使用思科PT进行拓扑网络搭建并ping通 Ⅰ.实验目标 ①结果体现: 设计如图的网络,并进行IP地址和路由表的配置.最终要求路由器的每个端口对应一个子网:要求的子网地址为:xx.y ...

  2. python测试网络连通性_python 判断网络连通的实现方法

    开发中偶尔需要判断网络的连通性,没有什么方法比 ping 更直接了当,通常检查网络情况都是运行命令ping www.baidu.com ,查看输出信息即可. C:\Users>ping www. ...

  3. linux检查网络是否通畅_网络基础Ping命令详解(使用Ping这命令来测试网络连通)...

    相关知识点 BIOS 在计算机领域,BIOS是 "Basic Input Output System"的缩略语,译为"基本输入输出系统", 与前者读法相同.计算 ...

  4. Mininet--topo类型-py创建自定义拓扑网络

    Mininet网络划分 Minnet可以创建多种拓扑网络,主要分为两类,一类是自动型,是指Mininet自带的拓扑类型, 通过--topo参数来指定,分别是linear.minimal.reverse ...

  5. Linux 实用指令 -- 网络配置(查看网络IP和网关、 ping 测试主机之间网络连通、Linux网络环境配置(指定固定ip))

    文章目录 1. 网络配置 1.1 查看网络IP和网关 1.1.1 查看虚拟网络编辑器 1.1.2 这里可以修改ip地址(修改虚拟网络的ip) 1.1.3 这里可以修改网关(虚拟网络的网关) 1.1.4 ...

  6. Docker 网络连通

    网络连通 # 测试打通tomcat01到tomcat-net-01 [root@master ~]# docker network connect mynet tomcat01 [root@maste ...

  7. SDN网络控制器Floodlight安装部署和结合Mininet实现多数据中心拓扑网络

    系统前提 系统:Ubuntu 16.04 安装环境:安装JDK 1.8,安装编译打包工具ant 安装Floodlight 1.下载Floodlight 方法一: 到http://www.project ...

  8. 网络学习之eNSP使用

    组网:网络组建 学习eNSP主要是为了拥有一定的网络组建能力,看得懂网络拓扑图,自己能够绘制,并且对常见的网络设备有一定的了解,可以进行一些安全配置等. https://baike.baidu.com ...

  9. 基于Docker的拓扑网络搭建可行性探究

    基于Docker的拓扑网络搭建可行性探究 文章目录 基于Docker的拓扑网络搭建可行性探究 引入 Docker环境配置与容器选择 Image 命令 (镜像相关) Container命令(容器相关) ...

最新文章

  1. JavaScript初学者应注意的七个细节
  2. 『PPYOLO tiny尝鲜』基于PaddleDetection的人脸疲劳检测
  3. css hot loader,解决安装react-hot-loader后修改css/less文件不会热更新问题
  4. mvc html 生成图片,asp.net mvc5 cs代码中获取视图生成后的HTML
  5. 解决: Client does not support authentication protocol requested by server; consider upgrading MySQL
  6. 深入解析Node.js setTimeout方法的执行过程
  7. RHEL/CentOS 6.x使用EPEL6与remi的yum源安装MySQL 5.5.x
  8. 第 5 章 虚拟机栈
  9. 出现红字是电脑问题吗_婚姻出现问题,生个孩子就能解决,这是真的吗?
  10. 上位机与1200组态步骤_新入S7-1200系统值得注意几点(博图平台)
  11. charles windows版使用教程
  12. 【linux 学习】linux上安装Tim(linux mint)
  13. http文件下载c/c++ 多种方法
  14. python颜色识别_OpenCV(Python)学习之识别图片特定颜色
  15. 矩阵的特征值与特征向量 求解
  16. PDF Expert永久版
  17. thinkpade450装内存条_Thinkpad e450c我想加一个内存条,因为开机就满了百分50左右,该加什么样的内存条?低电...
  18. ue4游戏传送门实现
  19. 莫比乌斯反演小结 + 黑暗爆炸 2301
  20. 使用NFC模拟校园卡门禁功能 【Mac, Windows, Android, 手环】

热门文章

  1. CF1474D - Cleaning
  2. 医学影像 -CMBs-ing
  3. 翻翻棋 博弈论
  4. main memory
  5. 换个SSD再战6年,14款MacBook Air升级1TB SSD,傻瓜式操作
  6. 基于Paddlehub实现从1人到3人的舞蹈
  7. 计算机视觉中的注意力机制--attention mechanism
  8. 在线考试系统软件如何实现远程监考?
  9. 数字化时代,企业如何做好数字营销
  10. python选择题和填空题_python练习题总结