配置zone间策略
a)使用mqc定义策略config#ip access-list extended dmz-external
permit````
config#class-map tyep inspect dmz-external
cmap#match access-group dmz-external
cmap# match prtocol icmp
config# policy-map type inspect any-external
class dmz-extrnal
inspect
internal1-internal2
b)挂接zone间策略
config#zone-pair security d-e source dmz destination external
config-sec-zone-pair#serice-policy type inspect any-external
Easyinlab Welcome
{:6_285:}
页:
[1]