chenenxiong 2015-09-14 14:27 采纳率: 0%
浏览 2587

华为路由器,自动断开会话的问题

有一批服务器,加了华为路由器后发现,所有ssh连接一段时间不操作以后,会自动断开服务器连接,重新连接又没有问题,检查了linux系统ssh设置没问题,直连交换机也没问题,关键就在于添加了路由器,并且有acl策略。路由器配置如下:
dis current-configuration
[V200R005C20SPC200]
#
sysname PS_530_RT
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
pki realm default
enrollment self-signed
#
acl name ControlForPS 3999

rule 100 permit ip source 12.32.4.210 0 destination 0.0.0.0 192.168.1.255
rule 101 permit ip source 12.32.4.211 0 destination 0.0.0.0 192.168.1.255
rule 102 permit ip source 12.32.4.212 0 destination 0.0.0.0 192.168.1.255
rule 103 permit ip source 12.32.4.213 0 destination 0.0.0.0 192.168.1.255
rule 104 permit ip source 12.32.4.214 0 destination 0.0.0.0 192.168.1.255
rule 105 permit ip source 12.32.4.215 0 destination 0.0.0.0 192.168.1.255
rule 106 permit ip source 12.32.4.216 0 destination 0.0.0.0 192.168.1.255
rule 107 permit ip source 12.32.4.217 0 destination 0.0.0.0 192.168.1.255
rule 108 permit ip source 12.32.4.218 0 destination 0.0.0.0 192.168.1.255
rule 109 permit ip source 12.32.4.219 0 destination 0.0.0.0 192.168.1.255
rule 110 permit ip destination 192.168.1.81 0
rule 111 permit ip source 12.32.3.165 0 destination 0.0.0.0 192.168.1.255
rule 112 permit ip source 0.0.0.0 192.168.2.255 destination 0.0.0.0 192.168.1.255
rule 115 permit ip source 12.32.4.223 0 destination 0.0.0.0 192.168.1.255
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default

domain default_admin

local-user admin password cipher %@%@MhDt-]77#%@%@
local-user admin privilege level 3
local-user admin service-type telnet terminal ssh ftp http
#
firewall zone Zone_530
priority 10
#
firewall zone Zone_PS
priority 1
#
firewall zone Local
priority 64
#
firewall interzone Zone_530 Zone_PS
firewall enable
packet-filter 3999 outbound
packet-filter default permit inbound

#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
description 530_IP
ip address 12.32.3.5 255.255.254.0
nat static global 12.32.3.111 inside 192.168.1.81 netmask 255.255.255.255
zone Zone_530
#
interface GigabitEthernet0/0/2
description PS_To_530_GW
ip address 192.168.1.198 255.255.255.0
zone Zone_PS
#
interface Cellular0/0/0
#
interface Cellular0/0/1
#
interface NULL0
#
snmp-agent local-engineid 800007DB03105172F75064
#
http server enable
http secure-server enable

#
ip route-static 0.0.0.0 0.0.0.0 12.32.2.1
#
user-interface con 0
authentication-mode password
set authentication password cipher %@%@EGMUPR#_UG4ZU00NijS9,#WOlN$"1zG,@/\zq>.VX8dF#WR,%@%@
user-interface vty 0 4
authentication-mode password
user privilege level 3
set authentication password cipher %@%@/aN{2)KfHPPhF$J'=8qNc:DFqk`nClJd0*xkL567C"QG:DIc%@%@
idle-timeout 60 0
#
wlan ac
#
voice
#
diagnose
#
return

  • 写回答

1条回答 默认 最新

  • devmiao 2015-09-14 15:34
    关注

    http://bbs.csdn.net/topics/391829399

    评论

报告相同问题?

悬赏问题

  • ¥15 slam rangenet++配置
  • ¥15 对于相关问题的求解与代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料
  • ¥15 使用R语言marginaleffects包进行边际效应图绘制
  • ¥20 usb设备兼容性问题
  • ¥15 错误(10048): “调用exui内部功能”库命令的参数“参数4”不能接受空数据。怎么解决啊