2024年4月4日发(作者:羿齐心)
F100S限制上网配置操作步骤
实现限制上网功能需要两步操作:
1. 限制上网IP:
Acl num 3000为Nat功能所引用访问控制列表,可以通过配置acl 3000中的rule
规则限制nat 转换ip,进而实现限制上网ip,方法如下:
System View: return to User View with Ctrl+Z.
[TaianYinZuoF100-S]acl num 3000
[TaianYinZuoF100-S-acl-adv-3000]dis this
#
acl number 3000
description Nat
rule 10 permit ip source 168.38.28.88 0
#
return
[TaianYinZuoF100-S-acl-adv-3000]rule 11 per ip sou 168.38.28.81 0
[TaianYinZuoF100-S-acl-adv-3000]dis this
#
acl number 3000
description Nat
rule 10 permit ip source 168.38.28.88 0
rule 11 permit ip source 168.38.28.81 0
#
return
[TaianYinZuoF100-S-acl-adv-3000]
删除方法:
[TaianYinZuoF100-S-acl-adv-3000]undo rule 11
2. 绑定IP、Mac:
绑定IP、Mac地址,实现未绑定的电脑,限制未绑定的电脑更改合理上网ip进行上
网:方法如下:
[TaianYinZuoF100-S]arp static 168.38.28.88 c89c-dc30-bd61
[TaianYinZuoF100-S]undo arp static 168.38.28.1
配置完毕,确认无问题后,保存配置:
注:颜色标记部分,为命令;粗体部分为重复添加项。
/Service/Document_Center/IP_Security/FW_VPN/F100
-S/
2024年4月4日发(作者:羿齐心)
F100S限制上网配置操作步骤
实现限制上网功能需要两步操作:
1. 限制上网IP:
Acl num 3000为Nat功能所引用访问控制列表,可以通过配置acl 3000中的rule
规则限制nat 转换ip,进而实现限制上网ip,方法如下:
System View: return to User View with Ctrl+Z.
[TaianYinZuoF100-S]acl num 3000
[TaianYinZuoF100-S-acl-adv-3000]dis this
#
acl number 3000
description Nat
rule 10 permit ip source 168.38.28.88 0
#
return
[TaianYinZuoF100-S-acl-adv-3000]rule 11 per ip sou 168.38.28.81 0
[TaianYinZuoF100-S-acl-adv-3000]dis this
#
acl number 3000
description Nat
rule 10 permit ip source 168.38.28.88 0
rule 11 permit ip source 168.38.28.81 0
#
return
[TaianYinZuoF100-S-acl-adv-3000]
删除方法:
[TaianYinZuoF100-S-acl-adv-3000]undo rule 11
2. 绑定IP、Mac:
绑定IP、Mac地址,实现未绑定的电脑,限制未绑定的电脑更改合理上网ip进行上
网:方法如下:
[TaianYinZuoF100-S]arp static 168.38.28.88 c89c-dc30-bd61
[TaianYinZuoF100-S]undo arp static 168.38.28.1
配置完毕,确认无问题后,保存配置:
注:颜色标记部分,为命令;粗体部分为重复添加项。
/Service/Document_Center/IP_Security/FW_VPN/F100
-S/