H3C SecPath F100-M-G 端口放行问题
- 0关注
- 1收藏,844浏览
问题描述:
录像机地址 172.5.43.101---105
需要放行的端口 5060 554 443 8000 8443 30999 10000到30000
请高手指教配置问题!!!
interface GigabitEthernet0/0
port link-mode route
nat outbound static
nat outbound
ip address 172.5.43.254 255.255.255.0
#
interface GigabitEthernet0/1
port link-mode route
nat outbound static
nat outbound
nat server protocol tcp global 218.57.236.*** 554 inside 172.5.43.101 554
nat server protocol tcp global 218.57.236.*** 8000 inside 172.5.43.101 8000
nat server protocol tcp global 218.57.236.*** 2080 inside 172.5.43.102 www
nat server protocol tcp global 218.57.236.*** 8443 inside 172.5.43.101 8443
nat server protocol tcp global 218.57.236.*** 30999 inside 172.5.43.101 30999
nat server protocol udp global 218.57.236.*** any inside 172.5.43.102 any
nat server protocol tcp global 218.57.236.*** 5060 inside 172.5.43.101 5060
nat server protocol tcp global 218.57.236.*** 2081 inside 172.5.43.101 www
ip address 218.57.236.*** 255.255.255.0
interface GigabitEthernet0/2
port link-mode route
#
interface GigabitEthernet0/3
port link-mode route
#
interface GigabitEthernet0/4
port link-mode route
#
interface GigabitEthernet0/5
port link-mode route
#
vd Root id 1
#
zone name Management id 0
priority 100
import interface GigabitEthernet0/0
import interface GigabitEthernet0/1
zone name Local id 1
priority 100
zone name Trust id 2
priority 85
zone name DMZ id 3
priority 50
zone name Untrust id 4
priority 5
switchto vd Root
object network host gh28181
host address 172.5.43.101
host address 172.5.43.102
host address 172.5.43.103
host address 172.5.43.104
host address 172.5.43.105
object network host webserver
description WEB服务器
host address 172.5.43.3
object service hbjk-tcp
description 放射源
service tcp source-port 10000 30000 destination-port 10000 30000
object service hbjk-udp
description 放射源
service udp source-port 10000 30000 destination-port 10000 30000
object service tcp8110
description TCP8110
service tcp source-port 8110 destination-port 8110
object service tcp8380_8390
description SCADA
service tcp source-port 8380 8390 destination-port 8390
object service tcp8400
description web远程桌面
service tcp source-port 8400 destination-port 3389
object service tcp(8006-8008)
description WEB发布服务
service tcp source-port 8006 8008 destination-port 8006 8008
zone name Management id 0
ip virtual-reassembly
zone name Local id 1
ip virtual-reassembly
zone name Trust id 2
ip virtual-reassembly
zone name DMZ id 3
ip virtual-reassembly
zone name Untrust id 4
ip virtual-reassembly
interzone source Any destination Local
rule 0 permit logging
source-ip any_address
destination-ip webserver
service tcp8110
service tcp8380_8390
service tcp8400
rule enable interzone source Any destination Any
rule 0 permit logging
comment 放射源
source-ip any_address
destination-ip gh28181
service sip-tcp
service sip-udp
service rtsp
service hbjk-udp
service hbjk-tcp
rule enable
#
ip route-static 0.0.0.0 0.0.0.0 218.57.236.1
组网及组网描述:
对齐方式
- 靠左
- 居中
- 靠右
H3C Comware Platform Software
Comware Software, Version 5.20, Release 5142P02
- 2021-09-04提问
- 举报
-
(0)
最佳答案
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论