123.png

 

 

#
interface Ethernet0/0
 port link-mode route
 nat outbound address-group 0
 nat server protocol tcp global 183.213.190.235 www inside 192.168.2.10 www
 nat server protocol tcp global 183.213.190.235 3389 inside 192.168.2.10 3389
 nat server protocol tcp global 183.213.190.235 8080 inside 192.168.2.10 8080
 ip address 183.213.190.235 255.255.255.224
#
H3C SecPath 防火墙设置之端口映射(命令)
TELNET 登陆 183.213.190.235 ygls ygls12345
登陆系统后:
1.显示防火墙当前生效配置参数。
display current-configuration
找到如下信息:
#
 interface Ethernet0/0
 ip address 172.16.1.1 255.255.255.0
 nat outbound 2000
 nat server protocol tcp global 172.16.1.1 www inside 192.168.1.254 www
 nat server protocol tcp global 172.16.1.1 22 inside 192.168.1.254 22
#
2.进入系统视图
 system-view
 [H3C]
3.进入网卡0
 [H3C]interface ethernet0/0
 [H3C-Ethernet0/0]
4.运行nat 命令添加FTP端口映射。
[H3C-Ethernet0/0] nat server protocol tcp global 172.16.1.1 ftp inside 192.168.1.254 ftp
5.查看防火墙当前生效配置参数。
display current-configuration
找到如下信息:
 interface Ethernet0/0
 ip address 172.16.1.1 255.255.255.0
 nat outbound 2000
 nat server protocol tcp global 172.16.1.1 www inside 192.168.1.254 www
 nat server protocol tcp global 172.16.1.1 22 inside 192.168.1.254 22
 nat server protocol tcp global 172.16.1.1 ftp inside 192.168.1.254 ftp
6.测试FTP端口是否映射成功。
 C:\Documents and Settings\aran>ftp 5X.21X.24X.24X
 Connected to 5X.21X.24X.24X.
 220 (vsFTPd 2.0.1)
 User (5X.21X.24X.24X:(none)): aran
 331 Please specify the password.
 Password:
 530 Login incorrect.
 Login failed.
 ftp> user
 Username aran
 331 Please specify the password.
 Password:
 230 Login successful.
 ftp>
附:删除映射命令
undo nat server protocol tcp global 172.16.1.1 ftp inside 192.168.1.254 ftp