问题描述
组网配置如下
#
interface GigabitEthernet1/0/1
port link-mode route
combo enable copper
ip binding vpn-instance 11
ip address 1.1.1.1 255.255.255.0
#
interface GigabitEthernet1/0/2
port link-mode route
combo enable copper
ip binding vpn-instance 22
ip address 1.1.1.2 255.255.255.0
#
#
security-zone name 11
import interface GigabitEthernet1/0/1
#
security-zone name 22
import interface GigabitEthernet1/0/2
#
#
security-policy ip
rule 1 name 11
action pass
vrf 11
source-zone local
destination-zone 11
rule 2 name 22
action pass
vrf 22
source-zone 22
destination-zone local
#
解决方法
查看会话
[H3C]dis session table ipv4 verbose
Slot 1:
Initiator:
Source IP/port: 1.1.1.1/13192
Destination IP/port: 1.1.1.2/2048
DS-Lite tunnel peer: -
VPN instance/VLAN ID/Inline ID: 11/-/-
Protocol: ICMP(1)
Inbound interface: InLoopBack0
Source security zone: Local
Responder:
Source IP/port: 1.1.1.2/13192
Destination IP/port: 1.1.1.1/0
DS-Lite tunnel peer: -
VPN instance/VLAN ID/Inline ID: 11/-/-
Protocol: ICMP(1)
Inbound interface: GigabitEthernet1/0/1
Source security zone: 11
State: ICMP_REPLY
Application: ICMP
Rule ID: 1
Rule name: 11
Start time: 2024-02-02 23:59:10 TTL: 20s
Initiator->Responder: 0 packets 0 bytes
Responder->Initiator: 0 packets 0 bytes
Initiator:
Source IP/port: 1.1.1.1/13192
Destination IP/port: 1.1.1.2/2048
DS-Lite tunnel peer: -
VPN instance/VLAN ID/Inline ID: 22/-/-
Protocol: ICMP(1)
Inbound interface: GigabitEthernet1/0/2
Source security zone: 22
Responder:
Source IP/port: 1.1.1.2/13192
Destination IP/port: 1.1.1.1/0
DS-Lite tunnel peer: -
VPN instance/VLAN ID/Inline ID: 22/-/-
Protocol: ICMP(1)
Inbound interface: InLoopBack0
Source security zone: Local
State: ICMP_REPLY
Application: ICMP
Rule ID: 2
Rule name: 22
Start time: 2024-02-02 23:59:10 TTL: 20s
Initiator->Responder: 0 packets 0 bytes
Responder->Initiator: 0 packets 0 bytes
Total sessions found: 2
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作