dis cu
#
sysname H3C
#
l2tp enable //开启动L2TP协议
#
nat address-group 20 xx.xx.xx.xx xx.xx.xx.xx
nat static 192.168.1.1 211.99.10.148
nat static 192.168.1.5 211.99.10.158
nat static 192.168.1.4 211.99.10.157
nat static 192.168.1.3 211.99.10.156
nat static 192.168.1.2 211.99.10.155
#
DNS resolve
DNS-proxy enable
#
web set-package force flash:/http.zip
#
radius scheme system
#
domain system
ip pool 1 192.168.250.2 192.168.250.3 //设置***的地址池
#
local-user admin
password simple huawei
service-type telnet terminal
level 3
service-type ftp
local-user caolei
password simple caolei
service-type ppp ///设置***的用户名字与密码,然后开启动PPP协议
local-user huawei
password simple huawei
service-type telnet
level 3
local-user pppoe
password cipher (Z9S*/B*+TOQ=^Q`MAF4<1!!
service-type ppp
#
dhcp server ip-pool jingliren
network 192.168.1.0 mask 255.255.255.224
gateway-list 192.168.1.1
dns-list 202.106.196.115 202.106.0.20
#
acl number 2000
rule 0 permit source 192.168.1.0 0.0.0.31
rule 2 permit source 192.168.250.0 0.0.0.31
rule 3 deny
#
acl number 3000
rule 0 deny tcp destination-port eq 6667
rule 1 deny tcp destination-port eq 1434
rule 2 deny udp destination-port eq 4444
rule 3 deny tcp destination-port eq 135
rule 4 deny udp destination-port eq 135
rule 5 deny udp destination-port eq netbios-ssn
rule 6 deny tcp destination-port eq 139
rule 7 permit ip
#
interface Virtual-Template0
ppp authentication-mode pap
ip address 192.168.250.1 255.255.255.0 //在虚拟摸块设置ppp验证,然后设置网关
#
interface Ethernet1/0
ip address 192.168.1.1 255.255.255.224
ip address 211.xx.xx.xx 255.255.255.128 sub
qos car inbound any cir 4096000 cbs 204800 ebs 1000 gree
qos car outbound any cir 4096000 cbs 204800 ebs 1000 gre ///QOS设置带宽限制
#
interface Ethernet1/1
#
interface Ethernet1/2
#
interface Ethernet1/3
#
interface Ethernet1/4
#
interface Ethernet3/0
ip address 192.168.xx.xx 255.255.255.252
firewall packet-filter 3000 inbound
nat outbound static
nat outbound 2000 address-group 20
#
interface Atm2/0
#
interface Virtual-Ethernet0
#
interface NULL0
#
l2tp-group 1
undo tunnel authentication //不进行TUNNEL认证
mandatory-lcp /////LCP再协商/
allow l2tp virtual-template 0 /接受任何LAC的l2tp请求,并绑定到VT0/
#
FTP server enable
#
dhcp server forbidden-ip 192.168.1.2 192.168.1.6
#
ip route-static 0.0.0.0 0.0.0.0 192.168.xx.xx preferenc
#
snmp-agent
snmp-agent local-engineid 7F00000100002893
snmp-agent community read jingliren
snmp-agent sys-info version all
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
user privilege level 3
#
return
<H3C>
华为基本配置
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章
Linux基本操作命令
wbzjacky
2019-02-24 13:12:38
真实的模拟***综合实验
wbzjacky
2019-02-24 13:12:37
三层交换机的HSRP、vlan、端口聚合
wbzjacky
2019-02-24 13:12:37
华为设备---影响OSPF邻居建立的因素
cutesk
2019-02-24 13:35:48
如果同事暗中伤害你,应该怎么办?
這個饅頭有餡
2019-02-24 13:59:08
职场中,抱怨越多的员工,越被领导瞧不起!
這個饅頭有餡
2019-02-24 13:59:08
老程序员被裁,应届生却能月薪 1.3 万?这你能忍?
前端高達
2019-02-24 13:48:04
遇到到处蹭吃却从不请客吃饭的主怎么办?
樑軍年
2019-02-24 13:26:35
高标准机房综合配线安装
wbzjacky
2019-02-24 13:12:38
IPsec ***实验
wbzjacky
2019-02-24 13:12:37
CISCO路由AAA的Easy ***
wbzjacky
2019-02-24 13:12:37
CISCO访问控制列表 企业网络管理的必杀技
wbzjacky
2019-02-24 13:12:37