用3662做NAT+Firewall的配置实例

来源: 作者: 2005-12-03 出处:pcdog.com

access  cisco  ssl  

  Building configuration...
  
  Current configuration : 1966 bytes
  !
  ! Last configuration change at 18:34:27 UTC Fri Nov 29 2002
  ! NVRAM config last updated at 18:01:28 UTC Fri Nov 29 2002
  !
  version 12.1
  no service single-slot-reload-enable
  service timestamps debug uptime
  service timestamps log uptime
  service password-encryption
  !
  hostname cisco3662
  !
  enable secret 5
  enable password 7
  !
  !
  !
  !
  !
  ip subnet-zero
  no ip domain-lookup
  !
  ip inspect name internetin cuseeme timeout 3600
  ip inspect name internetin ftp timeout 3600
  ip inspect name internetin h323 timeout 3600
  ip inspect name internetin http timeout 3600
  ip inspect name internetin rcmd timeout 3600
  ip inspect name internetin realaudio timeout 3600
  ip inspect name internetin smtp timeout 3600
  ip inspect name internetin sqlnet timeout 3600
  ip inspect name internetin streamworks timeout 3600
  ip inspect name internetin tcp timeout 3600
  ip inspect name internetin tftp timeout 30
  ip inspect name internetin udp timeout 15
  ip inspect name internetin vdolive timeout 3600
  ip audit notify log
  ip audit po max-events 100
  !
  !
  interface FastEthernet0/0
  ip address 211.123.212.2 255.255.255.128
  ip nat outside
  ip inspect internetin in
  duplex auto
  speed auto
  !
  interface FastEthernet0/1
  no ip address
  shutdown
  duplex auto
  speed auto
  !
  interface FastEthernet1/0
  ip address 172.16.255.106 255.255.255.224
  ip nat inside
  duplex auto
  speed auto
  !
  ip nat pool outpool 211.123.212.65 211.123.212.85 netmask 255.255.255.128
  ip nat inside source list 11 pool outpool overload
  ip classless
  ip route 0.0.0.0 0.0.0.0 211.123.212.1
  ip route 172.16.0.0 255.255.0.0 FastEthernet1/0
  ip route 192.168.0.0 255.255.0.0 FastEthernet1/0
  no ip http server
  !
  access-list 11 permit 172.16.0.0 0.0.255.255
  access-list 11 permit 192.168.0.0 0.0.255.255
  !
  !
  line con 0
  exec-timeout 5 0
  line aux 0
  line vty 0 4
  exec-timeout 5 0
  password 7
  login
  !
  end
更多内容请看PCdog.com--NAT配置相关文章  win98使用技巧专题
上一篇:AS 5300 配置实例
下一篇:2500接入服务器配置