chenenxiong 2015-09-14 14:27 采纳率: 0%
浏览 2587

华为路由器,自动断开会话的问题

有一批服务器,加了华为路由器后发现,所有ssh连接一段时间不操作以后,会自动断开服务器连接,重新连接又没有问题,检查了linux系统ssh设置没问题,直连交换机也没问题,关键就在于添加了路由器,并且有acl策略。路由器配置如下:
dis current-configuration
[V200R005C20SPC200]
#
sysname PS_530_RT
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
pki realm default
enrollment self-signed
#
acl name ControlForPS 3999

rule 100 permit ip source 12.32.4.210 0 destination 0.0.0.0 192.168.1.255
rule 101 permit ip source 12.32.4.211 0 destination 0.0.0.0 192.168.1.255
rule 102 permit ip source 12.32.4.212 0 destination 0.0.0.0 192.168.1.255
rule 103 permit ip source 12.32.4.213 0 destination 0.0.0.0 192.168.1.255
rule 104 permit ip source 12.32.4.214 0 destination 0.0.0.0 192.168.1.255
rule 105 permit ip source 12.32.4.215 0 destination 0.0.0.0 192.168.1.255
rule 106 permit ip source 12.32.4.216 0 destination 0.0.0.0 192.168.1.255
rule 107 permit ip source 12.32.4.217 0 destination 0.0.0.0 192.168.1.255
rule 108 permit ip source 12.32.4.218 0 destination 0.0.0.0 192.168.1.255
rule 109 permit ip source 12.32.4.219 0 destination 0.0.0.0 192.168.1.255
rule 110 permit ip destination 192.168.1.81 0
rule 111 permit ip source 12.32.3.165 0 destination 0.0.0.0 192.168.1.255
rule 112 permit ip source 0.0.0.0 192.168.2.255 destination 0.0.0.0 192.168.1.255
rule 115 permit ip source 12.32.4.223 0 destination 0.0.0.0 192.168.1.255
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default

domain default_admin

local-user admin password cipher %@%@MhDt-]77#%@%@
local-user admin privilege level 3
local-user admin service-type telnet terminal ssh ftp http
#
firewall zone Zone_530
priority 10
#
firewall zone Zone_PS
priority 1
#
firewall zone Local
priority 64
#
firewall interzone Zone_530 Zone_PS
firewall enable
packet-filter 3999 outbound
packet-filter default permit inbound

#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
description 530_IP
ip address 12.32.3.5 255.255.254.0
nat static global 12.32.3.111 inside 192.168.1.81 netmask 255.255.255.255
zone Zone_530
#
interface GigabitEthernet0/0/2
description PS_To_530_GW
ip address 192.168.1.198 255.255.255.0
zone Zone_PS
#
interface Cellular0/0/0
#
interface Cellular0/0/1
#
interface NULL0
#
snmp-agent local-engineid 800007DB03105172F75064
#
http server enable
http secure-server enable

#
ip route-static 0.0.0.0 0.0.0.0 12.32.2.1
#
user-interface con 0
authentication-mode password
set authentication password cipher %@%@EGMUPR#_UG4ZU00NijS9,#WOlN$"1zG,@/\zq>.VX8dF#WR,%@%@
user-interface vty 0 4
authentication-mode password
user privilege level 3
set authentication password cipher %@%@/aN{2)KfHPPhF$J'=8qNc:DFqk`nClJd0*xkL567C"QG:DIc%@%@
idle-timeout 60 0
#
wlan ac
#
voice
#
diagnose
#
return

  • 写回答

1条回答

  • devmiao 2015-09-14 15:34
    关注

    http://bbs.csdn.net/topics/391829399

    评论

报告相同问题?

悬赏问题

  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!
  • ¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像,如何解决?
  • ¥15 求daily translation(DT)偏差订正方法的代码
  • ¥15 js调用html页面需要隐藏某个按钮