免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 7150 | 回复: 0

最近电信搞内外网搞的我路由器多WAN口不能上网。有人遇到这问题吗? [复制链接]

论坛徽章:
0
发表于 2018-04-04 17:17 |显示全部楼层
单WAN口配置就没问题
只要启用多WAN口就出问题

以下是配置文件。。。



#
version 5.20, Release 2209P26, Basic
#
sysname H3C
#
firewall enable
firewall default deny
#
domain default enable system
#
telnet server enable
#
dar p2p signature-file cfa0:/p2p_default.mtd
#
port-security enable
#
ip http enable
#
time-range tr3980 00:00 to 24:00 daily   
#
acl number 2000
rule 0 permit
acl number 2001
rule 0 permit source 192.168.141.0 0.0.0.255
rule 1 permit source 192.168.9.0 0.0.0.255
rule 5 permit source 192.168.110.0 0.0.0.255
rule 6 permit source 192.168.210.0 0.0.0.255
rule 7 permit source 192.168.90.0 0.0.0.255
rule 8 permit source 192.168.8.0 0.0.0.255
rule 9 permit source 192.168.150.0 0.0.0.255
acl number 2002
rule 8 permit source 192.168.130.0 0.0.0.255
rule 9 permit source 192.168.120.0 0.0.0.255
rule 10 permit source 192.168.160.0 0.0.0.255
rule 11 permit source 192.168.170.0 0.0.0.255
rule 12 permit source 192.168.140.0 0.0.0.255
acl number 2003
rule 13 permit source 192.168.119.0 0.0.0.255
acl number 2004
rule 14 permit source 192.168.180.0 0.0.0.255
rule 15 permit source 192.168.190.0 0.0.0.255
rule 16 permit source 192.168.200.0 0.0.0.255
rule 17 permit source 192.168.220.0 0.0.0.255
acl number 2005
#
acl number 3000
rule 7 permit icmp
rule 8 permit ip destination 202.96.134.133 0
rule 9 permit ip destination 8.8.8.8 0
rule 10 permit ip source 192.168.8.0 0.0.0.255
rule 11 permit ip source 192.168.90.0 0.0.0.255
rule 12 permit ip source 192.168.110.0 0.0.0.255
rule 13 permit ip source 192.168.119.0 0.0.0.255
rule 14 permit ip source 192.168.120.0 0.0.0.255
rule 15 permit ip source 192.168.130.0 0.0.0.255
rule 16 permit ip source 192.168.140.0 0.0.0.255
rule 17 permit ip source 192.168.150.0 0.0.0.255
rule 18 permit ip source 192.168.160.0 0.0.0.255
rule 19 permit ip source 192.168.170.0 0.0.0.255
rule 23 permit ip source 192.168.210.0 0.0.0.255
rule 24 permit ip source 192.168.220.0 0.0.0.255
rule 30 permit ip destination 61.151.244.133 0
rule 31 permit ip destination 211.144.68.155 0
rule 32 permit ip destination 121.14.231.53 0
rule 34 permit ip destination 219.142.127.6 0
rule 35 permit ip destination 121.10.0.0 0.0.255.255
rule 36 permit ip destination 219.134.185.1 0
rule 37 permit ip destination 219.134.185.2 0
rule 38 permit ip destination 219.134.185.3 0
rule 39 permit ip source 192.168.13.0 0.0.0.255
rule 40 permit ip source 192.168.80.0 0.0.0.255
rule 41 permit ip destination 180.153.27.12 0
rule 42 permit ip destination 202.106.139.19 0
rule 44 permit ip destination 219.142.127.19 0
rule 45 permit ip source 192.168.141.0 0.0.0.255
rule 46 permit ip destination 61.146.152.57 0
rule 47 permit ip destination 202.96.17.24 0
rule 48 permit ip destination 60.247.100.24 0
rule 60 permit ip source 192.168.180.0 0.0.0.255
rule 61 permit ip source 192.168.190.0 0.0.0.255
rule 62 permit ip source 192.168.200.0 0.0.0.255
rule 100 deny ip
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier acl3980deny operator or
if-match acl 3980
traffic classifier group_test operator or
traffic classifier group_test_oper operator or
#
traffic behavior behaviorfordeny
filter deny
traffic behavior group_test
traffic-policy group_test
traffic behavior group_test_band
traffic behavior acldeny
filter deny
#
qos policy policylimitout
qos policy PolicyLimitOut
classifier group_test behavior group_test
classifier acl3980deny behavior acldeny
qos policy 2
qos policy group_test
classifier group_test_oper behavior behaviorfordeny
qos policy 1
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher $c$3$AsDYq5jLP4tvNZo5lSGCXwGmGqYIR1Ce9Oq7bxWAdg22==
authorization-attribute level 3
service-type ssh telnet terminal
service-type web
local-user thit
password cipher $c$3$zF//Agk1rW58U8mysQtdKTpC+KSJI5bbniddlSs5UQ33==
authorization-attribute level 3
service-type ssh telnet terminal
service-type ftp
#
interface Aux0
async mode flow
link-protocol ppp
#
interface Cellular0/0
async mode protocol
link-protocol ppp
qos apply policy PolicyLimitOut outbound
#
interface Dialer0
link-protocol ppp
ppp chap user XXXX3@163.gd
ppp chap password cipher $c$3$o1jrlBnKIVhr5s6BS5Ck3pRIDGAyLfHx12sp
ppp pap local-user sz00738844@163.gd password cipher $c$3$JvB3TU6DkwokktR2uX/6vl9sq56NhtUAa6L4
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user ABC
dialer-group 1
dialer bundle 1
dialer timer idle 0
qos apply policy PolicyLimitOut outbound
#
interface Dialer1
link-protocol ppp
#
interface Dialer10
nat outbound 2000
nat server protocol tcp global 14.153.5.42 2225 inside 192.168.8.10 3389
firewall packet-filter 3000 outbound
link-protocol ppp
ppp chap user MMM1@163.gd
ppp chap password cipher $c$3$T7uUvtfkhUa3z6I8fwgcmoGnIDiQNDCNP3IKGoE=
ppp pap local-user MMM1@163.gd password cipher $c$3$zF//Agk1rW58U8mysQtdKTzDwqnFbMGRzDNWnBo=
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 10
dialer bundle 10
qos apply policy PolicyLimitOut outbound
#
interface Dialer11
nat outbound 2000
firewall packet-filter 3000 outbound
link-protocol ppp
ppp chap user XXX2@163.gd
ppp chap password cipher $c$3$/eKDxMxeaXQrL0wJiyFgqH78pbW6ur6G092n
ppp pap local-user XXX2@163.gd password cipher $c$3$Ng1BzWUbEcCAGonKi55rlLQzfLalM/vY5zHy
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 11
dialer bundle 11
qos apply policy PolicyLimitOut outbound
#
interface Dialer12
nat outbound 2000
firewall packet-filter 3000 outbound
link-protocol ppp
ppp chap user 55564M@163.gd
ppp chap password cipher $c$3$xroZcZzBe8wQsioiffyMf2F7W0CnBTp0VMhEEvY=
ppp pap local-user5564M@163.gd password cipher $c$3$GtPZ1T8H7EndXgbGwjDirDA2RTyWniYkDSEZCcY=
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 12
dialer bundle 12
qos apply policy PolicyLimitOut outbound
#
interface Dialer13
nat outbound 2000
firewall packet-filter 3000 outbound
link-protocol ppp
ppp chap user sz7539@163.gd
ppp chap password cipher $c$3$+lUxmwYN7VTFQYEkdl8Nuu17pHgVtt7qNYKvbs0=
ppp pap local-user sz7539@163.gd password cipher $c$3$4Jm68Zx9wyO4Ma0UW1YxAR+0BhpHzNVgd24u7Yg=
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 13
dialer bundle 13
qos apply policy policylimitout outbound
#
interface Dialer14
nat outbound 2000
firewall packet-filter 3000 outbound
link-protocol ppp
ppp chap user szt4655@163.gd
ppp chap password cipher $c$3$p9xuVvRgvfEf/g4EkCs0fQ//edVwkYBsGA6y
ppp pap local-user szt4655@163.gd password cipher $c$3$cut2e+1uljuwJgFtF8t+v5ENT6tNiVHwCKKt
ppp ipcp dns admit-any
ppp ipcp dns request
mtu 1492
ip address ppp-negotiate
tcp mss 1024
dialer user username
dialer-group 14
dialer bundle 14
qos apply policy policylimitout outbound
#
interface Ethernet6/0
port link-mode route
firewall packet-filter 3000 outbound
pppoe-client dial-bundle-number 10
qos apply policy PolicyLimitOut outbound
#
interface Ethernet6/1
port link-mode route
pppoe-client dial-bundle-number 12
qos apply policy PolicyLimitOut outbound
#
interface Ethernet6/2
port link-mode route
pppoe-client dial-bundle-number 13
qos apply policy PolicyLimitOut outbound
#
interface Ethernet6/3
port link-mode route
pppoe-client dial-bundle-number 14
qos apply policy PolicyLimitOut outbound
#
interface NULL0
#
interface GigabitEthernet0/0
port link-mode route
ip address 192.168.13.1 255.255.255.0
ip policy-based-route 1
#
interface GigabitEthernet0/1
port link-mode route
pppoe-client dial-bundle-number 11
qos apply policy PolicyLimitOut outbound
#
policy-based-route 1 permit node 1
   if-match acl 2001
   apply output-interface Dialer12
policy-based-route 1 permit node 2
   if-match acl 2002
   apply output-interface Dialer13
policy-based-route 1 permit node 3
   if-match acl 2003
   apply output-interface Dialer10
policy-based-route 1 permit node 4
   if-match acl 2004
   apply output-interface Dialer14
#
ip route-static 0.0.0.0 0.0.0.0 Dialer10
ip route-static 0.0.0.0 0.0.0.0 Dialer12
ip route-static 0.0.0.0 0.0.0.0 Dialer13
ip route-static 0.0.0.0 0.0.0.0 Dialer14
ip route-static 192.168.2.0 255.255.255.0 192.168.13.2
ip route-static 192.168.3.0 255.255.255.0 192.168.13.2
ip route-static 192.168.8.0 255.255.255.0 192.168.13.2
ip route-static 192.168.9.0 255.255.255.0 192.168.13.2
ip route-static 192.168.10.0 255.255.255.0 192.168.13.2
ip route-static 192.168.80.0 255.255.255.0 192.168.13.2
ip route-static 192.168.90.0 255.255.255.0 192.168.13.2
ip route-static 192.168.110.0 255.255.255.0 192.168.13.2
ip route-static 192.168.119.0 255.255.255.0 192.168.13.2
ip route-static 192.168.120.0 255.255.255.0 192.168.13.2
ip route-static 192.168.121.0 255.255.255.0 192.168.13.2
ip route-static 192.168.130.0 255.255.255.0 192.168.13.2
ip route-static 192.168.140.0 255.255.255.0 192.168.13.2
ip route-static 192.168.141.0 255.255.255.0 192.168.13.2
ip route-static 192.168.150.0 255.255.255.0 192.168.13.2
ip route-static 192.168.160.0 255.255.255.0 192.168.13.2
ip route-static 192.168.170.0 255.255.255.0 192.168.13.2
ip route-static 192.168.180.0 255.255.255.0 192.168.13.2
ip route-static 192.168.190.0 255.255.255.0 192.168.13.2
ip route-static 192.168.200.0 255.255.255.0 192.168.13.2
ip route-static 192.168.210.0 255.255.255.0 192.168.13.2
ip route-static 192.168.220.0 255.255.255.0 192.168.13.2
#
snmp-agent
snmp-agent local-engineid 800063A2035866BA7F8C68
snmp-agent community write privale
snmp-agent community read thpublic
snmp-agent sys-info version v2c v3
#
ssh server enable
ssh user thit service-type all authentication-type password
#
dialer-rule 10 ip permit
dialer-rule 12 ip permit
dialer-rule 13 ip permit
dialer-rule 14 ip permit
#
load xml-configuration
#
user-interface con 0
user-interface tty 13
user-interface aux 0
user-interface vty 0 4
acl 2009 inbound
authentication-mode scheme
user privilege level 3
set authentication password cipher $c$3$2RqnOOdt0zl6aHEPZVSr2n4olBwyokxWFnr9cQRqCF0IUik=
protocol inbound ssh
#
return

您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP