Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Chính sách (From: Untrust,: DMZ): Nhập sau, và sau đó kích OK: Nguồn Địa chỉ: Sổ địa chỉ: (lựa chọn) Phil Điểm đến Địa chỉ: Sổ địa chỉ: (lựa chọn), Giấy phép Chức vụ hiện nay tại Top Chính sáchNhập sau, và sau đó kích OK:Ngoài các điểm chấm dứt đường hầm VPN | Chapter 3 Routing-Based VPNs Dialup-to-LAN VPN Dynamic Peer 11. Network Routing Routing Table trust-vr New Enter the following and then click OK Network Address Netmask 10.10.10.1 32 Gateway select Interface tunnel.1 untrust Gateway IP Address 0.0.0.0 Policies 12. Policies From Untrust To DMZ New Enter the following and then click OK Source Address Address Book select Phil Destination Address Address Book select Mail Server Service Remote_Mail Action Permit Position at Top select 13. Policies From DMZ To Untrust New Enter the following and then click OK Source Address Address Book select Mail Server Destination Address Address Book select Phil Service Remote_Mail Action Permit Position at Top select NetScreen Concepts Examples - Volume 4 VPNs 98 Chapter 3 Routing-Based VPNs Dialup-to-LAN VPN Dynamic Peer CLI Interfaces - Security Zones and Tunnel 1. set interface ethernet2 zone dmz 2. set interface ethernet2 ip 203.10.30.1 24 3. set interface ethernet3 zone untrust 4. set interface ethernet3 ip 203.10.20.1 24 5. set interface tunnel.1 zone dmz 6. set interface tunnel.1 ip unnumbered interface ethernet2 Addresses 7. set address dmz mail server 203.10.30.5 32 8. set address untrust phil 10.10.10.1 32 Services 9. set service ident protocol tcp src-port 0-65535 dst-port 113-113 10. set group service remote_mail 11. set group service remote_mail add ident 12. set group service remote_mail add mail 13. set group service remote_mail add pop3 VPN 14. Preshared Key set ike gateway to_phil dynamic pm@netscreen.com aggressive outgoing-interface ethernet3 preshare h1p8A24nG5 proposal pre-g2-3des-sha set vpn corp_phil gateway to_phil sec-level compatible set vpn to_branch bind interface tunnel.1 set vpn to_branch proxy-id local-ip 203.10.30.5 32 remote-ip 10.10.10.1 32 remote_mail NetScreen Concepts Examples - Volume 4 VPNs 99 Chapter 3 Routing-Based VPNs Dialup-to-LAN VPN Dynamic Peer or Certificates set ike gateway to_phil dynamic pm@netscreen.com aggressive .
