Thursday, November 27, 2008

Configuration example: using a 3662 for NAT + Firewall




   Building configuration...

   Current configuration : 1966 bytes
   !
   ! Last configuration change at 18:34:27 UTC Fri Nov 29 2002
   ! NVRAM config last updated at 18:01:28 UTC Fri Nov 29 2002
   !
   version 12.1
   no service single-slot-reload-enable
   service timestamps debug uptime
   service timestamps log uptime
   service password-encryption
   !
   hostname cisco3662
   !
   enable secret 5
   enable password 7
   !
   ip subnet-zero
   no ip domain-lookup
   !
   ip inspect name internetin cuseeme timeout 3600
   ip inspect name internetin ftp timeout 3600
   ip inspect name internetin h323 timeout 3600
   ip inspect name internetin http timeout 3600
   ip inspect name internetin rcmd timeout 3600
   ip inspect name internetin realaudio timeout 3600
   ip inspect name internetin smtp timeout 3600
   ip inspect name internetin sqlnet timeout 3600
   ip inspect name internetin streamworks timeout 3600
   ip inspect name internetin tcp timeout 3600
   ip inspect name internetin tftp timeout 30
   ip inspect name internetin udp timeout 15
   ip inspect name internetin vdolive timeout 3600
   ip audit notify log
   ip audit po max-events 100
   !
   !
   interface FastEthernet0/0
    ip address 211.123.212.2 255.255.255.128
    ip nat outside
    ip inspect internetin in
    duplex auto
    speed auto
   !
   interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
   !
   interface FastEthernet1/0
    ip address 172.16.255.106 255.255.255.224
    ip nat inside
    duplex auto
    speed auto
   !
   ip nat pool outpool 211.123.212.65 211.123.212.85 netmask 255.255.255.128
   ip nat inside source list 11 pool outpool overload
   ip classless
   ip route 0.0.0.0 0.0.0.0 211.123.212.1
   ip route 172.16.0.0 255.255.0.0 FastEthernet1/0
   ip route 192.168.0.0 255.255.0.0 FastEthernet1/0
   no ip http server
   !
   access-list 11 permit 172.16.0.0 0.0.255.255
   access-list 11 permit 192.168.0.0 0.0.255.255
   !
   !
   line con 0
    exec-timeout 5 0
   line aux 0
   line vty 0 4
    exec-timeout 5 0
    password 7
    login
   !
   end
