3300v如何設定
發表於 : 週四 4月 17日, 2008年 11:39 pm大家好.因為我對防火牆是菜鳥.不太會設.所以要請教一下如何設定
我公司現在有3條adsl ,現在我先用一條在試看.限制內網某一台電腦(192.168.9.132 /24只能收mail不能上網及即時通
adsl設定為192.168.0.2 dns 201.162.0.11
3300v wan1 192.168.0.4 gate 192.168.0.2 subnet mask 255.255.255.0
LAN 192.168.9.2 /24
BIND IP TO MAC 192.168.9.132 XX:XX:XX:XX:XX:XX
IM/P2P BLOCKING 全部打勾後disallow
ip filter
group table
pass next group block
Source IP Subnet Mask Port
Destination IP Subnet Mask Port
Protocol Direction Block Active
192.168.9.132 255.255.255.0
any 255.255.255.0 25
tcp lan to wan Pass immediately
192.168.9.132 255.255.255.0
any 255.255.255.0 110
tcp lan to wan Pass immediately
192.168.9.132 255.255.255.0
any 255.255.255.0 53
tcp/udp lan to wan Pass immediately
block next group pass
192.168.9.0 255.255.255.0 any any protocol LAN to WAN Block if no further match<--選了這個next group pass
若是block沒有設 全部都沒有設限.
請教大家.我是那些設定錯誤及沒有設定到
謝謝
我公司現在有3條adsl ,現在我先用一條在試看.限制內網某一台電腦(192.168.9.132 /24只能收mail不能上網及即時通
adsl設定為192.168.0.2 dns 201.162.0.11
3300v wan1 192.168.0.4 gate 192.168.0.2 subnet mask 255.255.255.0
LAN 192.168.9.2 /24
BIND IP TO MAC 192.168.9.132 XX:XX:XX:XX:XX:XX
IM/P2P BLOCKING 全部打勾後disallow
ip filter
group table
pass next group block
Source IP Subnet Mask Port
Destination IP Subnet Mask Port
Protocol Direction Block Active
192.168.9.132 255.255.255.0
any 255.255.255.0 25
tcp lan to wan Pass immediately
192.168.9.132 255.255.255.0
any 255.255.255.0 110
tcp lan to wan Pass immediately
192.168.9.132 255.255.255.0
any 255.255.255.0 53
tcp/udp lan to wan Pass immediately
block next group pass
192.168.9.0 255.255.255.0 any any protocol LAN to WAN Block if no further match<--選了這個next group pass
若是block沒有設 全部都沒有設限.
請教大家.我是那些設定錯誤及沒有設定到
謝謝