路由器VS防火墙 ROUTER典型防火墙设置-路由器VS防火墙,ROUTER典型防火墙设置,ROUTER设置

	您现在的位置：成都电脑培训综合信息网 >> 技术学习 >> 思科技术 >> 正文
	路由器VS防火墙 ROUTER典型防火墙设置
	show running-config   　　version 11.2 　　service timestamps debug datetime msec 　　service timestamps log datetime msec 　　service password-encryption 　　no service udp-small-servers 　　no service tcp-small-servers 　　! 　　hostname fw-rtr 　　! 　　enable password cisco 　　! 　　username admin password cisco 　　username chw10.Sydney password cisco 　　no ip source-route 　　ip nat pool inside-p ool 203.1.1.2 203.1.1.254 ne tmask 255.255.255.0 　　ip nat inside source list 99 pool inside-pool 　　ip domain-list domain.com 　　ip domain-name domain.com 　　ip name-server 192.168.1.1 　　ip inspect name internet smtp 　　ip inspect name inte rnet http java-list 42 timeo ut 60 　　ip inspect name internet ftp 　　ip inspect name internet tcp 　　ip inspect name internet udp 　　ip inspect name internet realaudio 　　ip inspect name internet h323 　　ip inspect name internet cuseeme 　　isdn switch-type basic-net3 　　clock timezone AEST 10 　　! 　　interface Loopback0 　　ip address 203.1.1.1 255.255.255.0 　　! 　　interface Ethernet0 　　ip address 192.168.1.253 255.255.255.0 　　ip nat inside 　　ip route-cache same-interface 　　! 　　interface BRI0 　　no ip address 　　encapsulation ppp 　　dialer pool-member 1 　　no fair-queue 　　ppp authentication chap callin 　　ppp multilink 　　! 　　interface Dialer0 　　description BigPond Dialup Link 　　ip address 139.130.98.32 255.255.254.0 　　ip access-group 169 in 　　ip access-group 158 out 　　no ip unreachables 　　no ip directed-broadcast 　　no ip proxy-arp 　　ip nat outside 　　ip inspect internet out 　　encapsulation ppp 　　dialer remote-name chw10.Sydney 　　dialer idle-timeout 999999 　　dialer string 84486000 　　dialer load-threshold 1 either 　　dialer pool 1 　　dialer-group 1 　　no fair-queue 　　no cdp enable 　　ppp chap hostname anixte0 　　ppp multilink 　　! 　　ip classless 　　ip route 0.0.0.0 0.0.0.0 139.130.98.1 　　ip route 192.168.0.0 255.255.0.0 192.168.1.254 　　ip http server 　　ip http access-class 1 　　logging buffered 16000 debugging 　　logging 192.168.1.1 　　access-list 1 permit 192.168.1.0 0.0.0.255 　　access-list 2 deny any 　　access-list 42 permit any 　　access-list 99 permi t 192.168.0.0 0.0.255.255 　　access-list 101 deny udp any any eq rip 　　access-list 101 permit icmp any any 　　access-list 101 permit ip any any 　　access-list 158 permit icmp any any 　　access-list 158 permit udp any any 　　access-list 158 permit tcp any any 　　access-list 158 deny ip any any log-input 　　access-list 159 permit icmp any any 　　access-list 159 permit ip any any 　　access-list 159 perm it tcp any any eq smtp 　　access-list 159 perm it tcp any any eq www 　　access-list 159 permit tcp any a ny eq telnet 　　access-list 159 permit tcp any a ny eq ftp 　　access-list 159 perm it tcp any any eq ftp-data 　　access-list 159 perm it tcp any any eq domain 　　access-list 159 permit udp any a ny eq domain 　　access-list 159 perm it tcp any any eq 554 　　access-list 159 perm it tcp any any eq 7070 　　access-list 159 deny ip any any log-input 　　access-list 169 permit icmp any any 　　access-list 169 perm it tcp any any eq smtp 　　access-list 169 permit tcp any a ny eq www 　　access-list 169 perm it tcp any any eq ftp 　　access-list 169 perm it tcp any any eq domain 　　access-list 169 permit udp any a ny eq domain 　　access-list 169 deny ip any any log-input 　　access-list 181 permit tcp any a ny eq www 　　access-list 181 permit tcp any e q www any 　　access-list 182 perm it tcp any any eq ftp-data 　　access-list 182 perm it tcp any eq ftp-data any 　　snmp-server community public RO 1 　　snmp-server community private RW 1 　　snmp-server trap-source Ethernet0 　　snmp-server contact Keith Sinclair 　　snmp-server host 192.168.1.1 public 　　dialer-list 1 protocol ip permit 　　dialer-list 2 protocol ip list 101 　　banner motd # 　　****************************** *********************************** 　　* * 　　* Firewall Router. RESTRICTED ACCESS * 　　* * 　　* No Unauthorised Access. * 　　* * 　　* No Hackers, Phreaks, Crackers or so called security * 　　* experts allowed! * 　　* * 　　* Contact(s): http://www.net130.com * 　　* * 　　****************** ************************ ******************* 　　# 　　! 　　line con 0 　　login local 　　line vty 0 4 　　access-class 1 in 　　access-class 2 out 　　exec-timeout 15 0 　　login local 　　! 　　end 　　show version 　　Cisco Internetwork O perating System Software 　　IOS (tm) 1600 Softwa re (C1600-OY-L), Version 11. 2(17)P, RELEASE SOFTWARE (fc1) 　　Copyright (c) 1986-1 999 by cisco Systems, Inc. 　　Compiled Tue 12-Jan-99 14:25 by pwade 　　Image text-base: 0x0 801FC84, data-base: 0x020050 00 　　ROM: System Bootstrap, Version 1 (fc 1.1(10)AA, EARLY DEPLOYMENT RELEASE SOFTWARE 　　1) 　　ROM: 1600 Software ( RELEASE C1600-BOOT-R), Version 11.1( 10)AA, EARLY DEPLOYMENT 　　SOFTWARE (fc1) 　　fw-rtr uptime is 4 w eeks, 5 hours, 47 minutes 　　System restarted by reload 　　System image file is "flash:c160 0-oy-l_112-17_P.bin", booted via flash 　　cisco 1603 (68360) p rocessor (revision C) with 3 584K/512K bytes of memory. 　　Processor board ID 07064947, wit h hardware revision 00000000 　　Bridging software. 　　X.25 software, Versi on 2.0, NET2, BFE and GOSIP compliant. 　　Basic Rate ISDN software, Version 1.0. 　　1 Ethernet/IEEE 802.3 interface(s) 　　1 ISDN Basic Rate interface(s) 　　System/IO memory with parity disabled 　　2048K bytes of DRAM onboard 2048K bytes of DRAM on SIMM 　　System running from FLASH 　　8K bytes of non-volatile configu ration memory. 　　4096K bytes of proce ssor board PCMCIA flash (Rea d ONLY) 　　Configuration register is 0x2102

索引：路由器VS防火墙,ROUTER典型防火墙设置,ROUTER设置