配置

程序员文章站 2022-04-23 22:09:50

...

802.1x

SW3

dot1x enable

undo dot1x handshake

dot1x authentication-method eap

dot1x free-ip 10.1.5.107 32

radius-server template radius

 radius-server shared-key cipher [email protected]

 radius-server authentication 10.1.5.107 1812

 radius-server accounting 10.1.5.107 1813

quit

radius-server authorization 10.1.5.107 shared-key cipher [email protected]

aaa

 authentication-scheme radius

  authentication-mode radius

 accounting-scheme radius

  accounting-mode radius

 domain default

  authentication-scheme radius

  accounting-scheme radius

  radius-server  radius

  interface GigabitEthernet0/0/10

 dot1x enable

FW1/FW2

security-policy

rule name sw3_AC

source-zone dmz

source-zone trust

destination-zone dmz

destination-zone trust

source-address 10.1.3.3 32

source-address 10.1.5.107 32

destination-address 10.1.3.3 32

destination-address 10.1.5.107 32

action permit

portal

SW3

 web-auth-server portal
 server-ip 10.1.5.107
 port 50200
 shared-key cipher [email protected]
 url http://10.1.5.107:8080/portal
 portal free-rule 1 destination ip 10.1.5.107 mask 255.255.255.255
interface Vlanif2
 web-auth-server portal layer3

DDOS

interface e1/0/0.1
arp broadcast enable
interface e1/0/0.2
arp broadcast enable
ip route-static 10.1.5.110 32 10.1.11.61
acl number 3000
rule 5 permit ip destination 10.1.5.110 0
traffic classifier ddos operator or
if-match acl 3000
traffic behavior ddos
redirect ip-nexthop 10.1.9.21
traffic policy ddos
classifier ddos behavior ddos
interface e1/0/0.2
traffic-policy ddos inbound

interface e1/0/0.1
arp broadcast enable
interface e1/0/0.2
arp broadcast enable
ip route-static 10.1.5.110 32 10.1.11.61
acl number 3000
rule 5 permit destination 10.1.5.110 0
traffic classifier ddos operator or
if-match acl 3000
traffic behavior ddos
redirect ip-nexthop 10.1.10.21
traffic policy ddos
classifier ddos behavior ddos
interface e1/0/0.2
traffic-policy ddos inbound

antiddos

int g1/0/0.1
anti-ddos clean	enable
anti-ddos flow-statistic enable
security-policy
rule name ddos_tr_un
source-zone trust
source-zone untrust
destination-zone trust
destination-zone untrust
action permit
ip route-static 0.0.0.0 0.0.0.0 g1/0/0.1 10.1.11.11
ip route-static 0.0.0.0 0.0.0.0 g1/0/0.1 10.1.11.12 preference 100
ip route-static 10.1.5.110 255.255.255.255 10.1.13.11
ip route-static 10.1.5.110 255.255.255.255 10.1.13.12 preference 100
firewall ddos bgp-next-hop 10.1.11.11

atic

security-policy
rule name acit
source-zone loacal
source-zone trust
destination-zone loacal
destination-zone trust
source-address 10.1.12.105 32
source-address 10.1.12.61 32
destination-address 10.1.12.105 32
destination-address 10.1.12.61 32
action permit
telnet server enable
aaa
manager-user admin
service-type telnet terminal
user-interface vty 0 4
protocol inbound all
snmp-agent
snmp-agent sys-info version v2c
snmp-agent community read [email protected]
snmp-agent community write [email protected]
interface g0/0/0
service-manage telnet snmp permit

配置

802.1x

portal

DDOS

atic

详解spring boot starter redis配置文件

详解Springboot配置文件的使用

关于Java环境变量的配置（win10系统）

PHP中配置IIS7实现基本身份验证的方法

小程序页面动态配置实现方法

react配置antd按需加载的使用

添加java环境变量配置（java软件安装教程详细）

详解ASP.NET Core实现强类型Configuration读取配置数据

Oracle 数据库自动存储管理-安装配置

Python IDE PyCharm的基本快捷键和配置简介