首页  登陆  注册  博客集  下载频道  网络硬盘  学院论坛  家园
IT学院 网站地图 网站地图
收藏本站 收藏本站
高级搜索 高级搜索
 新闻IT新闻 互联网 微软 黑客新闻 网络网络协议 故障 网络管理 TCP/IP 无线技术 解决方案 黑客技术 漏洞 软件评测 安全资讯
 数据MSsql Oracle Mysql PL/SQL 备份 系统:Linux vista Windows FTP 防火墙 注册表 服务器行情 服务器应用 解决方案 WEB服务器
 墙纸风景壁纸 游戏壁纸 体育壁纸 汽车壁纸 人文壁纸 影视壁纸 广告壁纸 花卉壁纸 节日壁纸 动漫壁纸 明星壁纸 绘画壁纸 月历壁纸
当前位置: > 主页>服务器>服务器技术>ISA服务器>配置ISA防火墙作为网络间的路由器二
热门文章排行
  
热门文章排行 Microsoft ISA Server
命令行方式控制ISA Serv
献给没接触过ISA的朋友
(ISA技术)PORT和PASV模
用ISA Server 2000发布
ISA Server 2000:安全
ISA Server 2000:安全与
ISA安装设置全集之ISA安
ISA安装设置全集之ISA安
ISA安装设置全集之ISA安
精采文章推荐
  
精采文章推荐 配置ISA防火墙作为网络
教你查看ISA Server 200
配置ISA Server 2004的
在ISA Server 2004中发
ISA 里VPN服务器的客户
ISA Server中身份验证的
ISA技术:ISA Server 20
ISA教程之用ISA Server
ISA配置教程之配置站点
如何从Proxy Server 2.0
最新更新文章
  
最新更新文章 深入剖析ISA防火墙策略
巧设ISA防火墙客户端限
ISA Server基本安装配置
ISA Server初学之技术问
网管实战:为网络系统构
停止ISA Server 2004中
配置ISA防火墙作为网络
配置ISA防火墙作为网络
教你查看ISA Server 200
配置ISA Server 2004的

配置ISA防火墙作为网络间的路由器二

编辑:   来源:  日期:2008-07-18   我要投稿      家园
  3、测试LAN2到LAN1的连通性
  
  我们在位于LAN2的Client1上进行测试,Ping位于LAN1的Server1,并访问运行在其之上的FTP服务。
  
  /* 在Client1上进行测试*/
  
  C:\Documents and Settings\xx>ipconfig
  
  Windows IP Configuration
  
  Ethernet adapter Loopback:
  
  Connection-specific DNS Suffix . :
  IP Address. . . . . . . . . . . . : 192.168.2.8
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . : 192.168.2.1
   
  /* Ping自己的网关(ISA防火墙的LAN2接口)*/
  
  C:\Documents and Settings\xx>ping 192.168.2.1 -n 2
  
  Pinging 192.168.2.1 with 32 bytes of data:
  
  Reply from 192.168.2.1: bytes=32 time=6ms TTL=128
  Reply from 192.168.2.1: bytes=32 time<1ms TTL=128
  
  Ping statistics for 192.168.2.1:
  Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 6ms, Average = 3ms
  
  /* Ping ISA防火墙的LAN1接口*/
  
  C:\Documents and Settings\xx>ping 192.168.0.254 -n 2
  
  Pinging 192.168.0.254 with 3
  
  2 bytes of data:
  Reply from 192.168.0.254: bytes=32 time=1ms TTL=128
  Reply from 192.168.0.254: bytes=32 time<1ms TTL=128
  
  Ping statistics for 192.168.0.254:
  Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 1ms, Average = 0ms
   
  /* Ping LAN1中的Server1*/
  C:\Documents and Settings\xx>ping 192.168.0.1 -n 2
  
  Pinging 192.168.0.1 with 32 bytes of data:
  
  Reply from 192.168.0.1: bytes=32 time=2ms TTL=127
  Reply from 192.168.0.1: bytes=32 time<1ms TTL=127
  
  Ping statistics for 192.168.0.1:
  Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 2ms, Average = 1ms
  
  /*访问Server1上的ftp服务*/
  C:\Documents and Settings\xx>ftp 192.168.0.1
  Connected to 192.168.0.1.
  220 External ftp server ready...
  User (192.168.0.1:(none)): anonymous
  331 User name okay, please send complete E-mail address as password.
  Password:
  230 User logged in, proceed.
  ftp> dir
  200 PORT Command successful.
  150 Opening ASCII mode data connection for /bin/ls.
  drw-rw-rw- 1 user group 0 Jul 29 17:58 .
  drw-rw-rw- 1 user group 0 Jul 29 17:58 ..
  drw-rw-rw- 1 user group 0 Jul 29 17:58 AdminScripts
  drw-rw-rw- 1 user group 0 Jul 29 17:58 ftproot
  drw-rw-rw- 1 user group 0 Jul 29 17:58 wwwroot
  226 Transfer complete.
  ftp: 收到 314 字节,用时 0.00Seconds 314000.00Kbytes/sec.
  ftp>
  
  此时,我们在Server1上的ftp管理控制台中看看
   
  注意看客户的IP地址,这是ISA防火墙的LAN1接口的IP。Why?不需要我回答吧。
  
  Okay,这个测试就成功结束了。
  
  4、配置内部到外部使用路由方式
  
  现在我们来修改网络规则,配置内部到外部使用路由方式试试。
  
  点开配置下的网络,在右边的网络规则中双击Internet访问,然后在弹出的属性对话框中,点击网络关系标签,修改为路由。修改后如下图所示:
   
  然后点击应用保存修改和更新防火墙策略。
  
  5、测试LAN2到LAN1的连通性二
  
  /* 在Client1上进行测试*/
  
  C:\Documents and Settings\xx>ipconfig
  
  Windows IP Configuration
  
  Ethernet adapter Loopback:
  
  Connection-specific DNS Suffix . :
  IP Address. . . . . . . . .
  
  . . . : 192.168.2.8
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . : 192.168.2.1
   
  /* Ping自己的网关(ISA防火墙的LAN2接口)*/
  
  C:\Documents and Settings\xx>ping 192.168.2.1 -n 2
  
  Pinging 192.168.2.1 with 32 bytes of data:
  
  Reply from 192.168.2.1: bytes=32 time=6ms TTL=128
  Reply from 192.168.2.1: bytes=32 time<1ms TTL=128
  
  Ping statistics for 192.168.2.1:
  Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 6ms, Average = 3ms
  
  /* Ping ISA防火墙的LAN1接口*/
  
  C:\Documents and Settings\xx>ping 192.168.0.254 -n 2
  
  Pinging 192.168.0.254 with 32 bytes of data:
  
  Reply from 192.168.0.254: bytes=32 time=1ms TTL=128
  Reply from 192.168.0.254: bytes=32 time<1ms TTL=128
  
  Ping statistics for 192.168.0.254:
  Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 1ms, Average = 0ms
   
  /* Ping LAN1中的Server1*/
  C:\Documents and Settings\xx>ping 192.168.0.1 -n 2
  
  Pinging 192.168.0.1 with 32 bytes of data:
  
  Request timed out.
  Request timed out.
  
  Ping statistics for 192.168.0.1:
  Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
  
  Ping不通了?Why?相信你应该可以从上面的TCP/IP配置说明中分析出这一点。
  
  我们再在LAN1中的Server1上进行测试:
  
  /* 在Server1上进行测试*/
  
  C:\Documents and Settings\Administrator>ipconfig /all
  
  Windows IP Configuration
  
  Host Name . . . . . . . . . . . . : Sydney
  Primary Dns Suffix . . . . . . . :
  Node Type . . . . . . . . . . . . : Unknown
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No
  
  Ethernet adapter Local Area Connection:
  
  Connection-specific DNS Suffix . :
  Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adapter (Generic)
  Physical Address. . . . . . . . . : 00-03-FF-FF-36-DB
  DHCP Enabled. . . . . . . . . . . : No
  IP Address. . . . . . . . . . . . : 192.168.0.1
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . : 192.168.0.1
   
  /* Ping ISA防火墙的LAN1接口*/
  C:\Documents and Settings\Administrator>ping 192.168.0.254
  
  Pinging 192.168.0.254 with 32 bytes of data:
  
  Reply from 192.168.0.254: bytes=32 time<1ms TTL=128
  Reply from 192.168.0.254: bytes=32 time<1ms TTL=128
  Ping statistics for 192.168.0.254:
  Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
  Minimum = 0ms, Maximum = 0ms, Average = 0ms
  Control-C
  ^C
  
  /* Ping ISA防火墙的LAN2接口*/
  C:\Documents and Settings\Administrator>ping 192.168.2.1
  
  Pinging 192.168.2.1 with 32 bytes of data:
  
  Request timed out.
  Request timed out.
  
  Ping statistics for 192.168.2.1:
  Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
  Control-C
  ^C
  
  /* Ping 位于LAN2的Client1*/
  C:\Documents and Settings\Administrator>ping 192.168.2.8
  
  Pinging 192.168.2.8 with 32 bytes of data:
  
  Request timed out.
  
  Ping statistics for 192.168.2.8:
  Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
  Control-C
  ^C
   
  位于LAN2的接口都Ping不通,Why?很简单,在Server1上没有到LAN2的路由。我们看看Server1的路由表:
  C:\Documents and Settings\Administrator>route print
  
  IPv4 Route Table
  ==============================================
  Interface List
  0x1 ........................... MS TCP Loopback interface
  0x10003 ...00 03 ff ff 36 db ...... Intel 21140-Based PCI Fast Ethernet Ad


上一篇:配置ISA防火墙作为网络间的路由器一  
下一篇:停止ISA Server 2004中的MSDE服务
 关键字:  
文章评论】 【收藏本文】 【推荐好友】 【打印本文】 【论坛讨论

   相关文章:

   文章评论:(0条)
  
 请留名: 匿名评论   点击查看所有评论
 

  责任编辑:IT学院  声明:刊登此文章是为了传递更多信息,文章内容仅供参考,转载请注明出处。