高校问答十月天使护肤品价格:CISCO1721 如何封POCO?比如封端口9000和9099,登陆服务器地址61.145.116.233
来源:百度文库 编辑:高校问答 时间:2024/05/13 06:09:46
贴上配置
no service password-encryption
!
hostname workman
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$QKAA$vGbFHw8bu5bH7VUKWBVa7/
!
username cisco privilege 15 secret 5 $1$FY/8$Etiv/3FB/Oqwmpl8WjwCv.
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip dhcp pool nwnet-user
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
domain-name ws
dns-server 20*.10*.19*.11* 20*.10*.0.2* 21*.82.*.*
lease 0 5
!
no ip bootp server
ip domain name yourdomain.com
no ftp-server write-enable
!
!
!
!
interface Ethernet0
description $ETH-LAN$
ip address 192.168.0.1 255.255.255.0
ip access-group 3 in
ip nat inside
half-duplex
!
interface FastEthernet0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-10/100 Ethernet$
ip address 20*.16*.20*.5* 255.255.255.252
ip nat outside
speed auto
!
ip nat inside source list 1 interface FastEthernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 202.16*.208.4*
ip http server
ip http authentication local
ip http timeout-policy idle 5 life 86400 requests 10000
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 3 permit 192.168.0.111
access-list dynamic-extended
arp 192.168.0.111 0000.e811.c6d2 ARPA
banner login ^C
no service password-encryption
!
hostname workman
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$QKAA$vGbFHw8bu5bH7VUKWBVa7/
!
username cisco privilege 15 secret 5 $1$FY/8$Etiv/3FB/Oqwmpl8WjwCv.
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip dhcp pool nwnet-user
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
domain-name ws
dns-server 20*.10*.19*.11* 20*.10*.0.2* 21*.82.*.*
lease 0 5
!
no ip bootp server
ip domain name yourdomain.com
no ftp-server write-enable
!
!
!
!
interface Ethernet0
description $ETH-LAN$
ip address 192.168.0.1 255.255.255.0
ip access-group 3 in
ip nat inside
half-duplex
!
interface FastEthernet0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-10/100 Ethernet$
ip address 20*.16*.20*.5* 255.255.255.252
ip nat outside
speed auto
!
ip nat inside source list 1 interface FastEthernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 202.16*.208.4*
ip http server
ip http authentication local
ip http timeout-policy idle 5 life 86400 requests 10000
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 3 permit 192.168.0.111
access-list dynamic-extended
arp 192.168.0.111 0000.e811.c6d2 ARPA
banner login ^C
access-list 120 deny tcp any any eq 9000
access-list 130 deny tcp any any eq 9099
将这两条扩展ACL应用到out方向上。
用P2P吧,很方便的,你的太麻烦