• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

UTM200

2018-10-12提问
  • 0关注
  • 1收藏,1749浏览
粉丝:0人 关注:0人

问题描述:

你好:

        我是大连中外运物流有限公司的,我们被招商平台收购了,应用上不去,我用20M直连是可以上的,一过防火墙就上不去了。应用的端口是UDP6001和UDP6001.utm值和MSS两个值一调整个网络就当掉了。请问是什么问题?我们集团内部给出了修复手册。也在附件中上传。我的电话是13164552206.如果能给我来电话就太好了。十分感谢。

组网及组网描述:

#

 version 5.20, Feature 5123P31

#

 sysname utm200

#

 clock timezone Beijing add 08:00:00

#

 super password level 3 simple HACK4nls65Nz

#

 undo voice vlan mac-address 00e0-bb00-0000

#

 ike local-name IPSECVPN

#

 nat address-group 0 218.24.155.226 218.24.155.227

 nat address-group 1 218.24.155.224 218.24.155.224

#

 domain default enable system

#

 router id 1.2.3.4

#

 telnet server enable

#

 userlog flow export source-ip 172.20.110.37

#

 undo alg all

#

 time-range worktime 08:00 to 16:00 daily   

#

acl number 2000

 rule 0 permit

 rule 1 permit source 172.20.110.6 0

 rule 2 permit source 172.20.110.9 0

 rule 3 permit source 172.20.110.30 0

 rule 4 permit source 172.20.110.42 0

 rule 5 permit source 172.20.110.107 0

 rule 6 permit source 172.20.110.4 0

 rule 7 permit source 172.20.110.221 0

 rule 8 permit source 172.20.110.45 0

 rule 9 permit source 172.20.110.250 0

 rule 10 permit source 172.20.110.48 0

 rule 11 permit source 172.20.110.176 0

 rule 12 permit source 172.20.110.3 0

 rule 13 permit source 172.20.110.239 0

 rule 14 permit source 172.20.110.144 0 time-range worktime

 rule 15 permit source 172.20.110.236 0

 rule 16 permit source 172.20.110.238 0

 rule 17 permit source 172.20.110.79 0

 rule 18 permit source 172.20.110.44 0

 rule 19 permit source 172.20.110.43 0

 rule 20 permit source 172.20.110.115 0

 rule 21 permit source 172.20.110.195 0

 rule 22 permit source 172.20.110.237 0

 rule 23 permit source 172.20.110.223 0

 rule 24 permit source 172.20.110.188 0

 rule 25 permit source 172.20.110.103 0

 rule 27 permit source 172.20.110.149 0

 rule 28 permit source 172.20.110.229 0

 rule 29 permit source 172.20.110.116 0

 rule 30 permit source 172.20.110.199 0

 rule 31 permit source 172.20.110.240 0

 rule 32 permit source 172.20.110.71 0

 rule 33 permit source 172.20.110.133 0

 rule 34 permit source 172.20.110.247 0

 rule 36 permit source 172.20.110.228 0

 rule 37 permit source 172.20.110.65 0

 rule 38 permit source 172.20.110.74 0

 rule 39 permit source 172.20.110.168 0 time-range worktime

 rule 40 permit source 172.20.110.75 0

 rule 41 permit source 172.20.110.153 0

 rule 43 permit source 172.20.110.51 0

 rule 44 permit source 172.20.110.87 0

 rule 45 permit source 172.20.110.162 0

 rule 46 permit source 172.20.110.100 0

 rule 47 permit source 172.20.110.141 0

 rule 48 permit source 172.20.110.85 0

 rule 49 permit source 172.20.110.170 0

 rule 50 permit source 172.20.110.173 0

 rule 51 permit source 172.20.110.22 0

 rule 52 permit source 172.20.110.23 0

 rule 53 permit source 172.20.110.211 0

 rule 54 permit source 172.20.110.26 0

 rule 55 permit source 172.20.110.113 0

 rule 56 permit source 172.20.110.93 0

 rule 57 permit source 172.20.110.27 0

 rule 58 permit source 172.20.110.31 0

 rule 59 permit source 172.20.110.180 0

 rule 61 permit source 172.20.110.127 0

 rule 62 permit source 172.20.110.178 0

 rule 63 permit source 172.20.110.66 0

 rule 64 permit source 172.20.110.248 0

 rule 65 permit source 172.20.110.96 0

 rule 66 permit source 172.20.110.128 0

 rule 68 permit source 172.20.110.35 0

 rule 69 permit source 172.20.110.191 0

 rule 70 permit source 172.20.110.157 0

 rule 71 permit source 172.20.110.36 0

 rule 72 permit source 172.20.110.226 0

 rule 73 permit source 172.20.110.126 0

 rule 74 permit source 172.20.110.37 0

 rule 75 permit source 172.20.110.155 0

 rule 76 permit source 172.20.110.234 0

 rule 77 permit source 172.20.110.77 0 time-range worktime

 rule 78 permit source 172.20.110.40 0

 rule 79 permit source 172.20.110.233 0

 rule 80 permit source 172.20.110.227 0

 rule 81 permit source 172.20.110.193 0

 rule 82 permit source 172.20.110.39 0

 rule 83 permit source 172.20.110.190 0

 rule 84 permit source 172.20.110.54 0

 rule 85 permit source 172.20.110.82 0

 rule 86 permit source 172.20.110.67 0

 rule 87 permit source 172.20.110.29 0

 rule 88 permit source 172.20.110.174 0

 rule 89 permit source 172.20.110.172 0

 rule 90 permit source 172.20.110.72 0

 rule 91 permit source 172.20.110.171 0

 rule 92 permit source 172.20.110.104 0

 rule 93 permit source 172.20.110.179 0

 rule 94 permit source 172.20.110.208 0

 rule 95 permit source 172.20.110.112 0

 rule 96 permit source 172.20.110.185 0

 rule 97 permit source 172.20.110.151 0

 rule 98 permit source 172.20.110.102 0

 rule 99 permit source 172.20.110.68 0

 rule 100 permit source 172.20.110.146 0

 rule 101 permit source 172.20.110.129 0

 rule 102 permit source 172.20.110.152 0

 rule 103 permit source 172.20.110.69 0

 rule 104 permit source 172.20.110.163 0

 rule 105 permit source 172.20.110.167 0

 rule 106 permit source 172.20.110.156 0

 rule 107 permit source 172.20.110.70 0

 rule 108 permit source 172.20.110.110 0

 rule 109 permit source 172.20.110.150 0

 rule 110 permit source 172.20.110.135 0

 rule 111 permit source 172.20.110.76 0

 rule 112 permit source 172.20.110.145 0

 rule 113 permit source 172.20.110.147 0

 rule 114 permit source 172.20.110.117 0

 rule 115 permit source 172.20.110.13 0

 rule 116 permit source 172.20.110.28 0

 rule 117 permit source 172.20.110.120 0

 rule 118 permit source 172.20.110.182 0

 rule 119 permit source 172.20.110.212 0

 rule 120 permit source 172.20.110.80 0

 rule 121 permit source 172.20.110.158 0

 rule 122 permit source 172.20.110.241 0

 rule 123 permit source 172.20.110.101 0

 rule 125 permit source 172.20.110.224 0

 rule 126 permit source 172.20.110.205 0

 rule 127 permit source 172.20.110.123 0

 rule 128 permit source 172.20.110.92 0

 rule 129 permit source 172.20.110.169 0

 rule 130 permit source 172.20.110.124 0

 rule 131 permit source 172.20.110.98 0

 rule 132 permit source 172.20.110.253 0

 rule 133 permit source 172.20.110.83 0

 rule 134 permit source 172.20.110.105 0

 rule 135 permit source 172.20.110.160 0

 rule 136 permit source 172.20.110.204 0

 rule 137 permit source 172.20.110.220 0

 rule 139 permit source 172.20.110.119 0

 rule 200 permit source 172.20.110.194 0

#

acl number 3000

 rule 0 permit ip

 rule 1 permit icmp

 rule 2 permit udp

acl number 3001

 rule 100 permit tcp destination-port eq 7888

acl number 3002

 rule 3001 permit ip destination 124.93.228.0 0.0.0.255

 rule 3002 permit ip destination 210.113.16.201 0

 rule 3003 permit ip destination 124.93.228.249 0

 rule 3004 permit ip destination 59.46.135.249 0

 rule 3005 permit ip destination 124.93.228.251 0

 rule 3006 permit ip destination 218.25.170.0 0.0.0.255

 rule 3007 permit udp

acl number 3003

 rule 0 permit tcp source 192.168.0.0 0.0.0.255 destination 172.20.111.0 0.0.0.255

#

vlan 1

#

radius scheme system

 server-type extended

#

domain system

 access-limit disable

 state active

 idle-cut disable

 self-service-url disable

 ip pool 1 172.20.111.129 172.20.111.253

#

pki domain default

  crl check disable

#

ike proposal 1

 authentication-method rsa-signature

#

ike proposal 2

 encryption-algorithm aes-cbc 256

 dh group2

 authentication-algorithm md5

 sa duration 120

#

ike dpd vpn

 interval-time 120

 time-out 30

#

ike peer vpn_peer

 exchange-mode aggressive

 pre-shared-key cipher wrWR2LZofLx6g26QyYjqBQ==

 remote-name zyy

 local-address 218.24.155.225

 nat traversal

 dpd vpn

#

ipsec proposal vpn_prop

 transform ah-esp

 ah authentication-algorithm sha1

 esp authentication-algorithm md5

 esp encryption-algorithm aes 256

#

ipsec policy vpn_poli 1 isakmp

 security acl 3003

 ike-peer vpn_peer

 proposal vpn_prop

#

user-group system

user-group 123

 authorization-attribute level 3

 authorization-attribute user-profile 11

#

local-user 123

 password simple 123

 authorization-attribute level 3

 service-type ssh telnet terminal

local-user admin

 password cipher 2CA1HU\C[NaQ=^Q`MAF4<1!!

 authorization-attribute level 3

 service-type telnet

local-user dlzwy

 password simple dlzwy

 service-type ppp

#

interface Virtual-Template1

 ppp authentication-mode pap

 remote address pool 1

 ip address 172.20.111.129 255.255.255.128

#

interface NULL0

#

interface GigabitEthernet0/0

 port link-mo

最佳答案

粉丝:4人 关注:0人

得看下具体丢包位置,是不是丢在设备上,建议找热线求助下

暂无评论

0 个回答

该问题暂时没有网友解答

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明