映射问题
映射后可以访问到内部的NVR 但是只能查看一半的摄像头信息,地址转换有无问题?
做了基于接口的和全局的两种 受不受影响?
两个地址转换
内部地址1:IP10.53.53.55 外部地址1:10.7.212.3
内部地址2:IP10.53.53.50 外部地址2:10.7.212.4
需求:外部用户通过访问外部地址达到访问内部NVR的需求。
防火墙配置
#
ip vpn-instance ZZBZX route-distinguisher 100:4000
vpn-target 100:4000 export-extcommunity
vpn-target 100:4000 import-extcommunity
#
acl number 3002
rule 0 permit ip vpn-instance ZZBZX source 10.53.53.0 0.0.0.255
rule 5 permit ip vpn-instance ZZBZX source 10.53.51.0 0.0.0.255
#
# interface Vlan-interface234
nat outbound 3002
nat server protocol tcp global 10.7.212.2 any vpn-instance ZZBZX inside 10.53.53.155 any vpn-instance ZZBZX
ip binding vpn-instance ZZBZX ip address 16.16.16.1 255.255.255.0
#
interface Vlan-interface235
nat outbound static nat outbound 3002
nat server protocol tcp global 10.7.212.2 any vpn-instance ZZBZX inside 10.53.53.155 any vpn-instance ZZBZX
nat server protocol tcp global 10.7.212.3 any vpn-instance ZZBZX inside 10.53.53.55 any vpn-instance ZZBZX
nat server protocol tcp global 10.7.212.4 any vpn-instance ZZBZX inside 10.53.51.50 any vpn-instance ZZBZX
ip binding vpn-instance ZZBZX ip address 10.7.212.2 255.255.255.0
#
zone name zzbzx id 97 priority 1
import interface Vlan-interface234
import interface Vlan-interface235
#
interzone source Any destination Any
rule 0 permit
source-ip any_address
destination-ip any_address
service any_service
rule enable
#
nat static 10.53.53.55 vpn-instance ZZBZX 10.7.212.3 vpn-instance ZZBZX
nat static 10.53.51.50 vpn-instance ZZBZX 10.7.212.4 vpn-instance ZZBZX
(0)
最佳答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
这个板卡具体型号是什么
把全局的关掉吗?不关不是也不影响吗