|
16 FTP配置
基本配置 <H3C>system-view [H3C]sysname r1 [r1]interface gigabitethernet 0/0 [r1-GigabitEthernet0/0]ip address 192.168.10.1 24 [r1-GigabitEthernet0/0]interface loopback 0 [r1-LoopBack0]ip address 100.100.100.100 32 [r1-LoopBack0]quit 为FTP创建认证帐户 [r1]local-user zurkj //创建本地帐户 [r1-luser-manage-zurkj]password simple Aa123456789 //配置密码 [r1-luser-manage-zurkj]service-type ftp //帐户服务类型为FTP [r1-luser-manage-zurkj]authorization-attribute user-rolenetwork-admin //用户角色授权属性为管理员相当于level 15 [r1-luser-manage-zurkj]quit 配置ACL访问策略 [r1]acl number 2050 //创建ACL 2050 [r1-acl-ipv4-basic-2050]description ftp //描述 [r1-acl-ipv4-basic-2050]rule permit source 192.168.10.1000.0.0.0 //允许源 [r1-acl-ipv4-basic-2050]rule deny source any //拒绝源 FTP服务引用ACL策略 [r1]ftp server acl 2050 //ftp服务引用acl策略 [r1]ftp timeout 1 //配置超时时间 开启ftp功能 [r1]ftp server enable //ftp功能开启
R2以.100地址访问FTP [r2]interface gigabitethernet 0/0 [r2-GigabitEthernet0/0]ip address 192.168.10.100 24 [r2-GigabitEthernet0/0]quit [r2]ip route-static 100.100.100.0 255.255.255.0192.168.10.1 <r2>ftp 100.100.100.100 Press CTRL+C to abort. Connected to 100.100.100.100 (100.100.100.100). 220 FTP service ready. User (100.100.100.100 none)): zurkj 331 Password required for zurkj. Password: 230 User logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp> ascii 200 TYPE is now ASCII
R2以.200地址访问FTP <r2>ftp 100.100.100.100 Press CTRL+C to abort. ftp: connect: Connection refused acl 2050策略生效,访问被拒绝!
<r1>display ftp-server //查看ftp服务情况 FTP server isrunning. User count: 0 Idle-timeout timer(in minutes): 1
<r1>display ftp-user //查看ftp用户情况 No FTP user. | 
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-11-8 16:27:38
