• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

做了GREoveripsec,运行一段时间隧道就断

2019-08-06提问
  • 0关注
  • 1收藏,706浏览
zhiliao_Fq7Kj
zhiliao_Fq7Kj 零段
粉丝:0人 关注:0人

问题描述:

做了GREoveripsec,运行一段时间隧道就断了,然后自启就恢复,ospf协议

组网及组网描述:

总与分

最佳答案

铁柱
铁柱 九段
粉丝:22人 关注:1人

设备什么版本,有配置文件嘛,上传看看

version 7.1.064, Release 0605P13 3.# 4. sysname DMSD_2_XJ_ICG3000 5.# 6. clock timezone BeiJing add 08:00:00 7.# 8. telnet server enable 9.# 10.ospf 1 router-id 192.168.255.8 11. dscp 63 12. area 0.0.0.0 13. network 10.1.18.0 0.0.0.3 14. network 10.128.26.0 0.0.0.255 15.# 16. dhcp enable 17. dhcp server always-broadcast 18.# 19. dns proxy enable 20.# 21. password-recovery enable 22.# 23.vlan 1 24.# 25.dhcp server ip-pool lan 26. gateway-list 10.128.26.1 27. network 10.128.26.0 mask 255.255.255.0 28. address range 10.128.26.50 10.128.26.250 29. dns-list 114.114.114.114 30.# 31.dhcp server ip-pool lan1 32. gateway-list 192.168.0.1 33. network 192.168.0.0 mask 255.255.254.0 34. address range 192.168.1.2 192.168.1.254 35. dns-list 192.168.0.1 36.# 37.controller Cellular0/0 38.# 39.interface NULL0 40.# 41.interface LoopBack0 42. ip address 192.168.255.8 255.255.255.255 43.# 44.interface Vlan-interface1 45. ip address 10.128.26.1 255.255.255.0 46.# 47.interface Ethernet4/0 48. port link-mode bridge 49.# 50.interface Ethernet4/1 51. port link-mode bridge 52.# 53.interface Ethernet4/2 54. port link-mode bridge 55.# 56.interface Ethernet4/3 57. port link-mode bridge 58.# 59.interface GigabitEthernet0/0 60. port link-mode route 61. ip address dhcp-alloc 62. nat outbound 63. ipsec apply policy policy 64.# 65.interface GigabitEthernet0/1 66. port link-mode route 67.# 68.interface GigabitEthernet0/2 69. port link-mode route 70. combo enable copper 71.# 72.interface GigabitEthernet0/3 73. port link-mode route 74. combo enable copper 75.# 76.interface GigabitEthernet0/4 77. port link-mode route 78.# 79.interface GigabitEthernet0/5 80. port link-mode route 81.# 82.interface Tunnel0 mode gre 83. ip address 10.1.18.2 255.255.255.252 84. tcp mss 1200 85. source LoopBack0 86. destination 192.168.255.1 87. keepalive 10 3 88.# 89. scheduler logfile size 16 90.# 91.line class console 92. user-role network-admin 93.# 94.line class tty 95. user-role network-operator 96.# 97.line class vty 98. user-role network-operator 99.# 100.line con 0 101. user-role network-admin 102.# 103.line vty 0 63 104. authentication-mode scheme 105. user-role network-operator 106.# 107. ip route-static 0.0.0.0 0 192.168.20.1 108.# 109. ntp-service enable 110. ntp-service source Tunnel0 111. ntp-service unicast-server 10.1.18.1 source Tunnel0 112.# 113.acl advanced 3333 114. rule 10 permit gre source 192.168.255.8 0 destination 192.168.255.1 0 115.# 116.domain system 117.# 118. domain default enable system 119.# 120.role name level-0 121. description Predefined level-0 role 122.# 123.role name level-1 124. description Predefined level-1 role 125.# 126.role name level-2 127. description Predefined level-2 role 128.# 129.role name level-3 130. description Predefined level-3 role 131.# 132.role name level-4 133. description Predefined level-4 role 134.# 135.role name level-5 136. description Predefined level-5 role 137.# 138.role name level-6 139. description Predefined level-6 role 140.# 141.role name level-7 142. description Predefined level-7 role 143.# 144.role name level-8 145. description Predefined level-8 role 146.# 147.role name level-9 148. description Predefined level-9 role 149.# 150.role name level-10 151. description Predefined level-10 role 152.# 153.role name level-11 154. description Predefined level-11 role 155.# 156.role name level-12 157. description Predefined level-12 role 158.# 159.role name level-13 160. description Predefined level-13 role 161.# 162.role name level-14 163. description Predefined level-14 role 164.# 165.user-group system 166.# 167.local-user admin class manage 168. password hash $h$6$2ve3QdqIo+KA5bTG$Fsl0t3GyxgqHwSs752WssdtnRj93BFRW4zDl8APTuuBdHv6tSnRjfKiqnPXukBSneb7VB0M4SrF5Ksyipd9prA== 169. service-type telnet http https 170. authorization-attribute user-role network-admin 171.# 172.ipsec transform-set policy 173. esp encryption-algorithm 3des-cbc 174. esp authentication-algorithm sha1 175.# 176.ipsec policy policy 65535 isakmp 177. transform-set policy 178. security acl 3333 179. remote-address 218.75.117.10 180. ike-profile policy 181.# 182. ike invalid-spi-recovery enable 183. ike identity fqdn dmsd2xj 184.# 185.ike profile policy 186. keychain policy 187. exchange-mode aggressive 188. local-identity fqdn dmsd2xj 189. match remote identity fqdn zongbu 190. proposal 65535 191.# 192.ike proposal 65535 193.# 194.ike keychain policy 195. pre-shared-key address 218.75.117.10 255.255.255.255 key cipher $c$3$iqG9vgTVxb8qecS1xwp1QtBI7tyVWrmG 196.# 197. ip http enable 198. ip https enable 199.# 200.wlan global-configuration 201. control-address disable 202.# 203.wlan ap-group default-group 204.# 205.return

zhiliao_Fq7Kj 发表时间:2019-08-06
1 个回答
按时间 按赞数
zhiliao_Fq7Kj
zhiliao_Fq7Kj 知了小白
粉丝:0人 关注:0人

               var FrameInfo = {};

  1. version 7.1.064, Release 0605P13
  2. #
  3. sysname DMSD_2_XJ_ICG3000
  4. #
  5. clock timezone BeiJing add 08:00:00
  6. #
  7. telnet server enable
  8. #
  9. ospf 1 router-id 192.168.255.8
  10. dscp 63
  11. area 0.0.0.0
  12.   network 10.1.18.0 0.0.0.3
  13.   network 10.128.26.0 0.0.0.255
  14. #
  15. dhcp enable
  16. dhcp server always-broadcast
  17. #
  18. dns proxy enable
  19. #
  20. password-recovery enable
  21. #
  22. vlan 1
  23. #
  24. dhcp server ip-pool lan
  25. gateway-list 10.128.26.1
  26. network 10.128.26.0 mask 255.255.255.0
  27. address range 10.128.26.50 10.128.26.250
  28. dns-list 114.114.114.114
  29. #
  30. dhcp server ip-pool lan1
  31. gateway-list 192.168.0.1
  32. network 192.168.0.0 mask 255.255.254.0
  33. address range 192.168.1.2 192.168.1.254
  34. dns-list 192.168.0.1
  35. #
  36. controller Cellular0/0
  37. #
  38. interface NULL0
  39. #
  40. interface LoopBack0
  41. ip address 192.168.255.8 255.255.255.255
  42. #
  43. interface Vlan-interface1
  44. ip address 10.128.26.1 255.255.255.0
  45. #
  46. interface Ethernet4/0
  47. port link-mode bridge
  48. #
  49. interface Ethernet4/1
  50. port link-mode bridge
  51. #
  52. interface Ethernet4/2
  53. port link-mode bridge
  54. #
  55. interface Ethernet4/3
  56. port link-mode bridge
  57. #
  58. interface GigabitEthernet0/0
  59. port link-mode route
  60. ip address dhcp-alloc
  61. nat outbound
  62. ipsec apply policy policy
  63. #
  64. interface GigabitEthernet0/1
  65. port link-mode route
  66. #
  67. interface GigabitEthernet0/2
  68. port link-mode route
  69. combo enable copper
  70. #
  71. interface GigabitEthernet0/3
  72. port link-mode route
  73. combo enable copper
  74. #
  75. interface GigabitEthernet0/4
  76. port link-mode route
  77. #
  78. interface GigabitEthernet0/5
  79. port link-mode route
  80. #
  81. interface Tunnel0 mode gre
  82. ip address 10.1.18.2 255.255.255.252
  83. tcp mss 1200
  84. source LoopBack0
  85. destination 192.168.255.1
  86. keepalive 10 3
  87. #
  88. scheduler logfile size 16
  89. #
  90. line class console
  91. user-role network-admin
  92. #
  93. line class tty
  94. user-role network-operator
  95. #
  96. line class vty
  97. user-role network-operator
  98. #
  99. line con 0
  100. user-role network-admin
  101. #
  102. line vty 0 63
  103. authentication-mode scheme
  104. user-role network-operator
  105. #
  106. ip route-static 0.0.0.0 0 192.168.20.1
  107. #
  108. ntp-service enable
  109. ntp-service source Tunnel0
  110. ntp-service unicast-server 10.1.18.1 source Tunnel0
  111. #
  112. acl advanced 3333
  113. rule 10 permit gre source 192.168.255.8 0 destination 192.168.255.1 0
  114. #
  115. domain system
  116. #
  117. domain default enable system
  118. #
  119. role name level-0
  120. description Predefined level-0 role
  121. #
  122. role name level-1
  123. description Predefined level-1 role
  124. #
  125. role name level-2
  126. description Predefined level-2 role
  127. #
  128. role name level-3
  129. description Predefined level-3 role
  130. #
  131. role name level-4
  132. description Predefined level-4 role
  133. #
  134. role name level-5
  135. description Predefined level-5 role
  136. #
  137. role name level-6
  138. description Predefined level-6 role
  139. #
  140. role name level-7
  141. description Predefined level-7 role
  142. #
  143. role name level-8
  144. description Predefined level-8 role
  145. #
  146. role name level-9
  147. description Predefined level-9 role
  148. #
  149. role name level-10
  150. description Predefined level-10 role
  151. #
  152. role name level-11
  153. description Predefined level-11 role
  154. #
  155. role name level-12
  156. description Predefined level-12 role
  157. #
  158. role name level-13
  159. description Predefined level-13 role
  160. #
  161. role name level-14
  162. description Predefined level-14 role
  163. #
  164. user-group system
  165. #
  166. local-user admin class manage
  167. password hash $h$6$2ve3QdqIo+KA5bTG$Fsl0t3GyxgqHwSs752WssdtnRj93BFRW4zDl8APTuuBdHv6tSnRjfKiqnPXukBSneb7VB0M4SrF5Ksyipd9prA==
  168. service-type telnet http https
  169. authorization-attribute user-role network-admin
  170. #
  171. ipsec transform-set policy
  172. esp encryption-algorithm 3des-cbc 
  173. esp authentication-algorithm sha1 
  174. #
  175. ipsec policy policy 65535 isakmp
  176. transform-set policy 
  177. security acl 3333 
  178. remote-address 218.75.117.10
  179. ike-profile policy
  180. #
  181. ike invalid-spi-recovery enable
  182. ike identity fqdn dmsd2xj
  183. #
  184. ike profile policy
  185. keychain policy
  186. exchange-mode aggressive
  187. local-identity fqdn dmsd2xj
  188. match remote identity fqdn zongbu
  189. proposal 65535 
  190. #
  191. ike proposal 65535
  192. #
  193. ike keychain policy
  194. pre-shared-key address 218.75.117.10 255.255.255.255 key cipher $c$3$iqG9vgTVxb8qecS1xwp1QtBI7tyVWrmG
  195. #
  196. ip http enable
  197. ip https enable
  198. #
  199. wlan global-configuration
  200. control-address disable
  201. #
  202. wlan ap-group default-group
  203. #
  204. return 

设备具体型号是什么?每次重启就能恢复?

铁柱 发表时间:2019-08-06
回复铁柱:

华三的icg3000f,重启就能恢复

zhiliao_Fq7Kj 发表时间:2019-08-06

升级到最新版本观察下吧

铁柱 发表时间:2019-08-06

好的,谢谢

zhiliao_Fq7Kj 发表时间:2019-08-06

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +
网站相关
关于我们
服务条款
帮助中心
经验与权限
积分规则
联系我们
联系我们
建议反馈
常用链接
知了APP下载
标杆的神器下载
关注我们
H3C官网
新华三服务公众号
安仔远程运维服务
新华三商城
内容许可
除特别说明外,用户内容均可采用知识共享署名-相同方式共享3.0中国大陆许可协议进行许可

Copyright©2024新华三集团保留一切权利 当前呈现版本 NO.1

本图标版权归新华三集团所有,仅限本社区使用,切勿用做商业目的,违者必究

浙ICP备09064986号-1   浙公网安备 33010802004416号

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明