谁可以详细解释一下这些配置..................
#sysnameR1#super password level 3 cipher @@@@@#12tp enable#cpu-usage cycle 1min#radius scheme systemradius scheme hhhauthentication primary ip 10.10.10.10 key simple vpdnaccounting primary ip 10.10.10.10accounting optional#domain hhh.zgscheme radius-scheme hhhauthentication radius-scheme hhhaccounting radius-scheme hhhzccounting optionalip pool 1 192.168.100.2 192.168.100.72domain system#local-user adminpassword cipher....service-type telnetlevel 3#dhcp server ip-pool 1network 192.168.100.0 mask 255.255.255.0gateway-list 192.168.100.1dns-list xx.xx.xx.xx#dhcp server ip-pool 2static-bind ip-address 192.168.100.252 mask 255.255.255.0static-bind mac-address aaaa-bbbb-ccccexpired unlimited#acl number 3001rule 0 permit ip source 192.168.100.0 0.0.0.255rule 1 deny iprule 2 deny tcp source-port eq 3127rule 3 deny tcp source-port eq1025rule 4 deny tcp source-port eq 5554rule 5 deny tcp source-port eq 9996rule 6 deny tcp source-port eq 1068rule 7 deny tcp source-port eq 135rule 8 deny tcp source-port eq 137rule 9 deny udp source-port eq netbios-nsrule 10 deny udp source-port eq 135rule 11 deny udp source-port eq netbios-dgmrule 12 deny tcp source-port eq 138rule 13 deny tcp source-port eq 139rule 14 deny udp source-port eq netbios-ssnrule 15 deny tcp source-port eq 593rule 16 deny tcp source-port eq 4444rule 17 deny tcp source-port eq 5800rule 18 deny tcp source-port eq 8900rule 19 deny tcp source-port eq 445rule 20 deny udp source-port eq 445rule 21 deny udp source-port eq 1434acl number 3002#interface virtual-Template1ppp authentication-mode pap domain hhh.zgmut 1300ip address unnumbered int e0/1remote address pool 1#interface Aux0async mode flow#int e0/0description internetip add 3.3.3.3 255.255.255.252nat outbound 3001net server protocol tcp global 3.3.3.3 8055 inside 192.168.100.252 8055net server protocol tcp global 3.3.3.3 8057 inside 192.168.100.252 8057net server protocol tcp global 3.3.3.3 pptp inside 192.168.100.252 pptpnet server protocol tcp global 3.3.3.3 1433 inside 192.168.100.252 1433net server protocol tcp global 3.3.3.3 6129 inside 192.168.100.252 6129#int e0/1description intranetip add 192.168.100.1 255.255.255.0arp-proxy enable#int s0/0clock DTECLK1link-protocol pppip address dhcp-alloc#interface NULL0#mandatory-lcpallow 12tp virtual-template 1 remote hhhtunnel password cipher *****tunnerl name hhh#FTP server enable#dhcp server forbidden-ip 192.168.100.1 192.168.100.72dhcp server forbidden-ip 192.168.100.101 192.168.100.254#ip route-static 0.0.0.0 0.0.0.0 3.3.3.2preference 60#user-interface con 0user-interface aux 0user-interface vty 0 4authentication-mode schemeset authentication password simple aaa#return思科的把= = 你是那几句不懂还是大部分不懂? 基本上能懂一点,但是我想知道这样配置的逻辑
页:
[1]