acl number 3000
rule 5 permit ip source 172.17.0.0 0.0.255.255 destination 172.17.0.0 0.0.255.255
rule 10 permit ip source 172.17.0.0 0.0.255.255 destination 192.168.0.0 0.0.255.255
rule 15 permit ip source 192.168.0.0 0.0.255.255 destination 192.168.0.0 0.0.255.255
rule 20 permit ip source 192.168.0.0 0.0.255.255 destination 172.17.0.0 0.0.255.255
acl number 3001
rule 5 permit ip source 172.17.0.0 0.0.255.255 destination 116.45.85.0 0.0.0.255
rule 10 permit ip source 172.17.0.0 0.0.255.255 destination 10.208.0.0 0.0.255.255
rule 15 permit ip source 192.168.0.0 0.0.255.255 destination 116.45.85.0 0.0.0.255
rule 20 permit ip source 192.168.0.0 0.0.255.255 destination 10.208.0.0 0.0.255.255
acl number 3002
rule 5 permit ip source 192.168.100.0 0.0.0.255
traffic classifier LAN operator or
if-match acl 3000
traffic classifier AF01 operator or
if-match acl 3001
traffic classifier AF02 operator or
if-match acl 3002
traffic behavior LAN
filter permit
traffic behavior AF01
redirect next-hop 192.168.10.254
traffic behavior AF02
redirect next-hop 192.168.10.251
qos policy route01
classifier LAN behavior LAN
classifier AF01 behavior AF01
classifier AF02 behavior AF02
qos vlan-policy route01 vlan 100 inbound
这样子写,内网会直接到防火墙在回来,是不是有优先级的问题,在哪里配置,请教
核心是S7506E 双防火墙
(0)
最佳答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论