问

UTM200

2018-10-12提问

0关注
1收藏，1686浏览

步步生莲

步步生莲零段

粉丝：0人关注：0人

问题描述：

你好：

我是大连中外运物流有限公司的，我们被招商平台收购了，应用上不去，我用20M直连是可以上的，一过防火墙就上不去了。应用的端口是UDP6001和UDP6001.utm值和MSS两个值一调整个网络就当掉了。请问是什么问题？我们集团内部给出了修复手册。也在附件中上传。我的电话是13164552206.如果能给我来电话就太好了。十分感谢。

组网及组网描述：

version 5.20, Feature 5123P31

sysname utm200

clock timezone Beijing add 08:00:00

super password level 3 simple HACK4nls65Nz

undo voice vlan mac-address 00e0-bb00-0000

ike local-name IPSECVPN

nat address-group 0 218.24.155.226 218.24.155.227

nat address-group 1 218.24.155.224 218.24.155.224

domain default enable system

router id 1.2.3.4

telnet server enable

userlog flow export source-ip 172.20.110.37

undo alg all

time-range worktime 08:00 to 16:00 daily

acl number 2000

rule 0 permit

rule 1 permit source 172.20.110.6 0

rule 2 permit source 172.20.110.9 0

rule 3 permit source 172.20.110.30 0

rule 4 permit source 172.20.110.42 0

rule 5 permit source 172.20.110.107 0

rule 6 permit source 172.20.110.4 0

rule 7 permit source 172.20.110.221 0

rule 8 permit source 172.20.110.45 0

rule 9 permit source 172.20.110.250 0

rule 10 permit source 172.20.110.48 0

rule 11 permit source 172.20.110.176 0

rule 12 permit source 172.20.110.3 0

rule 13 permit source 172.20.110.239 0

rule 14 permit source 172.20.110.144 0 time-range worktime

rule 15 permit source 172.20.110.236 0

rule 16 permit source 172.20.110.238 0

rule 17 permit source 172.20.110.79 0

rule 18 permit source 172.20.110.44 0

rule 19 permit source 172.20.110.43 0

rule 20 permit source 172.20.110.115 0

rule 21 permit source 172.20.110.195 0

rule 22 permit source 172.20.110.237 0

rule 23 permit source 172.20.110.223 0

rule 24 permit source 172.20.110.188 0

rule 25 permit source 172.20.110.103 0

rule 27 permit source 172.20.110.149 0

rule 28 permit source 172.20.110.229 0

rule 29 permit source 172.20.110.116 0

rule 30 permit source 172.20.110.199 0

rule 31 permit source 172.20.110.240 0

rule 32 permit source 172.20.110.71 0

rule 33 permit source 172.20.110.133 0

rule 34 permit source 172.20.110.247 0

rule 36 permit source 172.20.110.228 0

rule 37 permit source 172.20.110.65 0

rule 38 permit source 172.20.110.74 0

rule 39 permit source 172.20.110.168 0 time-range worktime

rule 40 permit source 172.20.110.75 0

rule 41 permit source 172.20.110.153 0

rule 43 permit source 172.20.110.51 0

rule 44 permit source 172.20.110.87 0

rule 45 permit source 172.20.110.162 0

rule 46 permit source 172.20.110.100 0

rule 47 permit source 172.20.110.141 0

rule 48 permit source 172.20.110.85 0

rule 49 permit source 172.20.110.170 0

rule 50 permit source 172.20.110.173 0

rule 51 permit source 172.20.110.22 0

rule 52 permit source 172.20.110.23 0

rule 53 permit source 172.20.110.211 0

rule 54 permit source 172.20.110.26 0

rule 55 permit source 172.20.110.113 0

rule 56 permit source 172.20.110.93 0

rule 57 permit source 172.20.110.27 0

rule 58 permit source 172.20.110.31 0

rule 59 permit source 172.20.110.180 0

rule 61 permit source 172.20.110.127 0

rule 62 permit source 172.20.110.178 0

rule 63 permit source 172.20.110.66 0

rule 64 permit source 172.20.110.248 0

rule 65 permit source 172.20.110.96 0

rule 66 permit source 172.20.110.128 0

rule 68 permit source 172.20.110.35 0

rule 69 permit source 172.20.110.191 0

rule 70 permit source 172.20.110.157 0

rule 71 permit source 172.20.110.36 0

rule 72 permit source 172.20.110.226 0

rule 73 permit source 172.20.110.126 0

rule 74 permit source 172.20.110.37 0

rule 75 permit source 172.20.110.155 0

rule 76 permit source 172.20.110.234 0

rule 77 permit source 172.20.110.77 0 time-range worktime

rule 78 permit source 172.20.110.40 0

rule 79 permit source 172.20.110.233 0

rule 80 permit source 172.20.110.227 0

rule 81 permit source 172.20.110.193 0

rule 82 permit source 172.20.110.39 0

rule 83 permit source 172.20.110.190 0

rule 84 permit source 172.20.110.54 0

rule 85 permit source 172.20.110.82 0

rule 86 permit source 172.20.110.67 0

rule 87 permit source 172.20.110.29 0

rule 88 permit source 172.20.110.174 0

rule 89 permit source 172.20.110.172 0

rule 90 permit source 172.20.110.72 0

rule 91 permit source 172.20.110.171 0

rule 92 permit source 172.20.110.104 0

rule 93 permit source 172.20.110.179 0

rule 94 permit source 172.20.110.208 0

rule 95 permit source 172.20.110.112 0

rule 96 permit source 172.20.110.185 0

rule 97 permit source 172.20.110.151 0

rule 98 permit source 172.20.110.102 0

rule 99 permit source 172.20.110.68 0

rule 100 permit source 172.20.110.146 0

rule 101 permit source 172.20.110.129 0

rule 102 permit source 172.20.110.152 0

rule 103 permit source 172.20.110.69 0

rule 104 permit source 172.20.110.163 0

rule 105 permit source 172.20.110.167 0

rule 106 permit source 172.20.110.156 0

rule 107 permit source 172.20.110.70 0

rule 108 permit source 172.20.110.110 0

rule 109 permit source 172.20.110.150 0

rule 110 permit source 172.20.110.135 0

rule 111 permit source 172.20.110.76 0

rule 112 permit source 172.20.110.145 0

rule 113 permit source 172.20.110.147 0

rule 114 permit source 172.20.110.117 0

rule 115 permit source 172.20.110.13 0

rule 116 permit source 172.20.110.28 0

rule 117 permit source 172.20.110.120 0

rule 118 permit source 172.20.110.182 0

rule 119 permit source 172.20.110.212 0

rule 120 permit source 172.20.110.80 0

rule 121 permit source 172.20.110.158 0

rule 122 permit source 172.20.110.241 0

rule 123 permit source 172.20.110.101 0

rule 125 permit source 172.20.110.224 0

rule 126 permit source 172.20.110.205 0

rule 127 permit source 172.20.110.123 0

rule 128 permit source 172.20.110.92 0

rule 129 permit source 172.20.110.169 0

rule 130 permit source 172.20.110.124 0

rule 131 permit source 172.20.110.98 0

rule 132 permit source 172.20.110.253 0

rule 133 permit source 172.20.110.83 0

rule 134 permit source 172.20.110.105 0

rule 135 permit source 172.20.110.160 0

rule 136 permit source 172.20.110.204 0

rule 137 permit source 172.20.110.220 0

rule 139 permit source 172.20.110.119 0

rule 200 permit source 172.20.110.194 0

acl number 3000

rule 0 permit ip

rule 1 permit icmp

rule 2 permit udp

acl number 3001

rule 100 permit tcp destination-port eq 7888

acl number 3002

rule 3001 permit ip destination 124.93.228.0 0.0.0.255

rule 3002 permit ip destination 210.113.16.201 0

rule 3003 permit ip destination 124.93.228.249 0

rule 3004 permit ip destination 59.46.135.249 0

rule 3005 permit ip destination 124.93.228.251 0

rule 3006 permit ip destination 218.25.170.0 0.0.0.255

rule 3007 permit udp

acl number 3003

rule 0 permit tcp source 192.168.0.0 0.0.0.255 destination 172.20.111.0 0.0.0.255

vlan 1

radius scheme system

server-type extended

domain system

access-limit disable

state active

idle-cut disable

self-service-url disable

ip pool 1 172.20.111.129 172.20.111.253

pki domain default

crl check disable

ike proposal 1

authentication-method rsa-signature

ike proposal 2

encryption-algorithm aes-cbc 256

dh group2

authentication-algorithm md5

sa duration 120

ike dpd vpn

interval-time 120

time-out 30

ike peer vpn_peer

exchange-mode aggressive

pre-shared-key cipher wrWR2LZofLx6g26QyYjqBQ==

remote-name zyy

local-address 218.24.155.225

nat traversal

dpd vpn

ipsec proposal vpn_prop

transform ah-esp

ah authentication-algorithm sha1

esp authentication-algorithm md5

esp encryption-algorithm aes 256

ipsec policy vpn_poli 1 isakmp

security acl 3003

ike-peer vpn_peer

proposal vpn_prop

user-group system

user-group 123

authorization-attribute level 3

authorization-attribute user-profile 11

local-user 123

password simple 123

authorization-attribute level 3

service-type ssh telnet terminal

local-user admin

password cipher 2CA1HU\C[NaQ=^Q`MAF4<1!!

authorization-attribute level 3

service-type telnet

local-user dlzwy

password simple dlzwy

service-type ppp

interface Virtual-Template1

ppp authentication-mode pap

remote address pool 1

ip address 172.20.111.129 255.255.255.128

interface NULL0

interface GigabitEthernet0/0

port link-mo

附件下载：新建 DOC 文档.doc 报错手册及修复办法.doc

最佳答案

轩宇昂

轩宇昂六段

粉丝：4人关注：0人

得看下具体丢包位置，是不是丢在设备上，建议找热线求助下

暂无评论

0 个回答

按时间按赞数

该问题暂时没有网友解答

编辑答案

分享扩散:

➤

网站相关: 关于我们; 服务条款; 帮助中心; 经验与权限; 积分规则

联系我们: 联系我们; 建议反馈

常用链接: 标杆的神器下载

关注我们: H3C官网; 新华三服务公众号; 安仔远程运维服务; 新华三商城

内容许可: 除特别说明外，用户内容均可采用知识共享署名-相同方式共享3.0中国大陆许可协议进行许可

本图标版权归新华三集团所有，仅限本社区使用，切勿用做商业目的，违者必究

浙ICP备09064986号-1 浙公网安备 33010802004416号

✖

亲~登录后才可以操作哦!

确定

✖

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

✖

你的邮箱还未认证，请认证邮箱或绑定手机后进行当前操作

✖

侵犯我的权益 >

对根叔社区有害的内容 >

辱骂、歧视、挑衅等（不友善）

侵犯我的权益

泄露了我的隐私 >

侵犯了我企业的权益 >

抄袭了我的内容 >

诽谤我 >

辱骂、歧视、挑衅等（不友善）

骚扰我

泄露了我的隐私

您好，当您发现根叔知了上有泄漏您隐私的内容时，您可以向根叔知了进行举报。请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱，我们会尽快处理。

1. 您认为哪些内容泄露了您的隐私？（请在邮件中列出您举报的内容、链接地址，并给出简短的说明）
2. 您是谁？（身份证明材料，可以是身份证或护照等证件）

侵犯了我企业的权益

您好，当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时，您可以向根叔知了进行举报。请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱，我们会在审核后尽快给您答复。

1. 您举报的内容是什么？（请在邮件中列出您举报的内容和链接地址）
2. 您是谁？（身份证明材料，可以是身份证或护照等证件）
3. 是哪家企业？（营业执照，单位登记证明等证件）
4. 您与该企业的关系是？（您是企业法人或被授权人，需提供企业委托授权书）

我们认为知名企业应该坦然接受公众讨论，对于答案中不准确的部分，我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

原文链接或出处

诽谤我

您好，当您发现根叔知了上有诽谤您的内容时，您可以向根叔知了进行举报。请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱，我们会尽快处理。

1. 您举报的内容以及侵犯了您什么权益？（请在邮件中列出您举报的内容、链接地址，并给出简短的说明）
2. 您是谁？（身份证明材料，可以是身份证或护照等证件）

我们认为知名企业应该坦然接受公众讨论，对于答案中不准确的部分，我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

垃圾广告信息

色情、暴力、血腥等违反法律法规的内容

政治敏感

不规范转载 >

辱骂、歧视、挑衅等（不友善）

骚扰我

诱导投票

不规范转载

举报说明

产品线		搜索取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式	默认策略匹配全词匹配整句

UTM200

问题描述：

组网及组网描述：

编辑答案

提出建议