本文目录一览

1,h3c路由器防火墙怎么样设置

首先在路由器上定义时间段。然后在定义nat的acl里引入时间段。具体可查看路由手册。我也记不得命令了,只能告诉你一个思路。
防火墙,juniper第一,最贵, cisco的还不错,也贵,h3c的还好,应对中小企业没问题, 价格也不贵,比较适合中小企业。

h3c路由器防火墙怎么样设置

2,H3C防火墙的配置

感觉是ACL的问题,据我日常应用,服务器端目的端口为1433,客户端源端口应为随机(大于1024),楼主设置的规则为客户端的1433端口访问服务器的1433端口,建议改为以下规则再试一下acl number 3000 rule 1 permit tcp source-port any destination-port eq 1433
在h3c s7503上划分vlan将第一台pc与山石防火墙连接在一起,并在h3c s7503划分vlan的三层接口上添加ip地址(此ip地址与山石防火墙的ip地址在同一网段),修改pc(172.168.x.x)的网关为h3c s7503 上三层vlan 的ip 地址即可,如果h3c s7503交换机上之前有缺省路由,则不再需要添加任何配置,否则只需要添加缺省路由即可。

H3C防火墙的配置

3,H3C防火墙问题

这是区域间安全策略的问题,默认按优先级大小来比较访问权限。不同接口分不同的区域,有安全区,非安全区,DMZ,management等区域。高优先级区域可以访问低优先级区域,反之不行;优先级相同区域可以互访;相同安全区域内可以互访。
firewall system-ip这样设置防火墙管理ip地址。防火墙必须是桥模式。firewall mode transparentfirewall system-ip 192.168.1.1 255.255.255.0 以上是老版本桥模式最新版本配置改动了,如下。# bridge enable bridge 1 enable#interface ethernet0/0 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet0/1 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet0/2 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet0/3 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet1/0 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet1/1 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface bridge-template1 ip address 192.168.0.230 255.255.255.0

H3C防火墙问题

4,H3C防火墙 怎么样

firewall system-ip这样设置防火墙管理ip地址。防火墙必须是桥模式。firewall mode transparentfirewall system-ip 192.168.1.1 255.255.255.0 以上是老版本桥模式最新版本配置改动了,如下。# bridge enable bridge 1 enable#interface ethernet0/0 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet0/1 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet0/2 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet0/3 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet1/0 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface ethernet1/1 promiscuous bridge-set 1 bridge-set fast-forwarding inbound bridge-set fast-forwarding outbound bridge vlanid-transparent-transmit enable#interface bridge-template1 ip address 192.168.0.230 255.255.255.0
防火墙,Juniper第一,最贵, cisco的还不错,也贵,H3C的还好,应对中小企业没问题, 价格也不贵,比较适合中小企业。
下载好的杀软,建议下载,微点主防和金山卫士一起用,包你百毒不侵。

文章TAG:h3c防火墙防火  防火墙  路由  
下一篇