摘要:PIX804防火墙的常用命令及配置要点

(1)PIX804配置icmp互ping

  • 拓扑图如下:
    PIX804防火墙配置要点.jpg
  • 完整命令:
    R1:

    en
    conf t
    int f0/0
    ip address 10.0.1.2 255.255.255.0
    no sh
    ip route 220.171.1.0 255.255.255.0 10.0.1.1

    R2:

    en
    conf t
    int  f0/0
    ip address 220.171.1.1 255.255.255.0
    no sh
    ip route 10.0.1.0 255.255.255.0 220.171.1.2

    PIX1:

    en
    conf t
    int  e1
    nameif inside
    ip address 10.0.1.1 255.255.255.0
    exit
    int e0
    nameif outside
    ip address 220.171.1.2 255.255.255.0
    exit
    access-list b1 permit icmp any any
    access-group b1 in interface outside
  • 要点:
    (1)e0是outside,e1是inside不能弄混

(2)PIX804配置互相telnet,互相icmp以及nat

  • 拓扑图如下:

PIX804防火墙配置要点.jpg

  • 完整命令:
    R1:

    en
    conf t
    int f0/0
    ip address 10.0.1.2 255.255.255.0
    no sh
    ip route 220.171.1.0 255.255.255.0 10.0.1.1

    R2:

    en
    conf t
    int  f0/0
    ip address 220.171.1.1 255.255.255.0
    no sh
    ip route 10.0.1.2 255.255.255.0 220.171.1.2

    PIX1:

    en
    conf t
    int  e1
    nameif inside
    ip address 10.0.1.1 255.255.255.0
    no sh
    exit
    int e0
    nameif outside
    ip address 220.171.1.2 255.255.255.0
    no sh
    exit
    access-list b1 permit icmp any any
    access-list b1 permit tcp any any eq telnet
    access-group b1 in interface outside
    static (inside,outside) 220.171.1.3 10.0.1.2 netmask 255.255.255.255
    
        配置完成后R2即可通过telnet 220.171.1.3来登陆R1,PIX防火墙会把220.171.1.3收到的数据包转发给 10.0.1.2
文章目录