问

MSR26-00 配置问题

策略路由

2021-11-11提问

0关注
1收藏，1191浏览

zhiliao_GWCoDM

zhiliao_GWCoDM 零段

粉丝：0人关注：0人

问题描述：

1 管理员密码 TELNET不能远程登录 WEB可以用户名发展也加了telnet 权限

2 通过ACL设置deny内网IP访问外网路由外网是三个外网配置如下

3个IP（192.0.2.36-37 26）不能访问192.168.1.3WAN1

组网及组网描述：

附件下载： startup1111.rar

最佳答案

zhiliao_GWCoDM

zhiliao_GWCoDM 知了小白

粉丝：0人关注：0人

#
version 5.20, Release 2516P15
#
sysname H3C
#
clock timezone Beijing add 08:00:00
#
super password level 3 cipher $c$3$uL5vAZrYrGzUEsnWjYnHqG3sN5er5oxLKjMEqA==
#
firewall enable
#
domain default enable system
#
dns proxy enable
#
telnet server enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
password-recovery enable
#
acl number 4999
rule 1 permit
#
vlan 1
#
vlan 2
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier acl3980deny operator or
if-match acl 3980
#
traffic behavior acldeny
filter deny
#
qos policy PolicyLimit
#
dhcp server ip-pool vlan1 extended
network ip range 192.0.2.2 192.0.2.253
network mask 255.255.255.0
gateway-list 192.0.2.254
dns-list 192.0.2.254 202.103.24.68
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$GIy6dlJbR1+MbjpdZtK2PcVXRj8axCww4A==
authorization-attribute level 3
service-type telnet
service-type web
#
cwmp
undo cwmp enable
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Cellular0/0
async mode protocol
link-protocol ppp
qos apply policy PolicyLimit outbound
firewall packet-filter 4999 outbound
#
interface Dialer10
nat outbound
firewall packet-filter 4999 outbound
link-protocol ppp
ppp chap user syzyydffy@xnhsyzw.hb
ppp chap password cipher $c$3$yq9DJh5BUpy6P5uBQPzhLPDAdpXU8km41Zs=
ppp pap local-user syzyydffy@xnhsyzw.hb password cipher $c$3$+xqjl9dHIxI5+lApzyKVF6EamBkSLcDwh24=
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 10
dialer bundle 10
qos apply policy PolicyLimit outbound
#
interface Dialer11
firewall packet-filter 4999 outbound
link-protocol ppp
qos apply policy PolicyLimit outbound
#
interface NULL0
#
interface Vlan-interface1
ip address 192.0.2.254 255.255.255.0
dhcp server apply ip-pool vlan1
#
interface Vlan-interface2
ip address 192.0.3.2 255.255.254.0
#
interface GigabitEthernet0/0
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
ip address dhcp-alloc
qos apply policy PolicyLimit outbound
#
interface GigabitEthernet0/1
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
pppoe-client dial-bundle-number 10
qos apply policy PolicyLimit outbound
#
interface GigabitEthernet0/2
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
ip address dhcp-alloc
qos apply policy PolicyLimit outbound
#
interface GigabitEthernet0/3
port link-mode route
firewall packet-filter 4999 outbound
nat outbound
ip address 10.88.143.4 255.255.255.0
qos apply policy PolicyLimit outbound
#
interface GigabitEthernet0/4
port link-mode bridge
#
interface GigabitEthernet0/5
port link-mode bridge
#
interface GigabitEthernet0/6
port link-mode bridge
#
interface GigabitEthernet0/7
port link-mode bridge
#
interface GigabitEthernet0/8
port link-mode bridge
#
interface GigabitEthernet0/9
port link-mode bridge
#
ip route-static 0.0.0.0 0.0.0.0 192.168.1.1
ip route-static 10.87.0.0 255.255.0.0 GigabitEthernet0/3 10.88.143.1
ip route-static 10.132.0.0 255.255.0.0 GigabitEthernet0/2 172.18.14.1
ip route-static 10.255.0.0 255.255.0.0 10.88.143.1
ip route-static 172.0.0.0 255.0.0.0 Dialer10
#
dhcp enable
#
arp static 192.0.2.79 6c4b-90e1-605a 1 GigabitEthernet0/6
#
dialer-rule 10 ip permit
#
nms primary monitor-interface GigabitEthernet0/3
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
set authentication password cipher $c$3$ptdlZzhgdjd0dPFAyi0yDLyat+fTfS1S+A==
protocol inbound telnet
#
return