码迷,mamicode.com
首页 > Web开发 > 详细

【Fortinet】飞塔(FortiGate)防火墙低端产品命令行下配置RIP

时间:2017-08-26 18:35:01      阅读:766      评论:0      收藏:0      [点我收藏+]

标签:rip   fortinet   forgate   飞塔防火墙   命令行配置rip   

前言:

FortiGate中端、高端产品支持web页面配置RIP/OSPF/BGP,低端(桌面级)产品不支持,只支持CLI配置------虽然官网有手册(英文版),但没有实际案例,并给出建立连接的结果来的舒服~~这就是此文的目的~~

FortiGate配置ospf和Cisco/H3C/华为都不太一样,希望此文对大家有帮助!

实验使用的FortiGate使用的是80E和60E,对接设备为Cisco 4331。

注:本文只写出ForGate端的配置命令。


技术分享

拓扑图

目的:

ForGate和Cisco建立RIP连接关系,动态学习路由。相关的IP信息如拓扑图所示。


配置思路:

1.宣告网段

2.将接口加入RIP进程下

3.宣告网段,并应用area:

3.将静态路由重分发进RIP


命令行配置:

1.宣告网段:

config router rip

   config network

       edit 1

           set prefix 134.118.19.0 255.255.255.0

       next

   end

 

2.将接口加入RIP进程下:

   config interface

       edit "internal1"

           set receive-version 1 2 //接收RIP version 1和version 2更新

           set send-version 1 2 //发送RIP version 1和version 2更新

       next

   end

 

3.将静态路由重分发进RIP:

   config redistribute "static"

       set status enable

   end

此时配置结束。

注:敲完 next或end 配置就会保存。


验证效果:

1.4.1查看RIP database

NPTJ-Firewall # get router info ripdatabase

 

Codes: R - RIP, Rc - RIP connected, Rs -RIP static, K - Kernel,

      C - Connected, S - Static, O - OSPF, I - IS-IS, B - BGP

 

  Network            Next Hop         Metric From            If     Time

R 10.0.0.0/8        134.118.19.1          2134.118.19.1    internal1 02:37

R 134.0.0.0/8       134.118.19.1          2134.118.19.1    internal1 02:37

R 134.111.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.118.0.0/16     134.118.19.1          2 134.118.19.1    internal1 02:37

R 134.118.15.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.16.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.17.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

Rc 134.118.19.0/24                          1                 internal1

R 134.118.22.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.30.0/23   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.32.0/23   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.34.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.35.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.36.0/23   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.40.0/22   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.50.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.70.0/24   134.118.19.252        2 134.118.19.252  internal1 02:49

R 134.118.80.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.90.0/24   134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.100.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.106.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.110.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.111.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R  134.118.112.0/24   134.118.19.252        2 134.118.19.252  internal1 02:49

R 134.118.113.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.114.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.115.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.118.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.118.121.0/24  134.118.19.252        2134.118.19.252  internal1 02:49

R 134.119.0.0/16     134.118.19.1          2 134.118.19.1    internal1 02:37

R 134.120.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.121.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.124.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.125.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.127.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.128.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.129.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.132.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.133.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 134.134.0.0/16    134.118.19.1          2134.118.19.1    internal1 02:37

R 172.16.0.0/16     134.118.19.1          2134.118.19.1    internal1 02:37

R 172.17.0.0/16     134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.2.0/30     134.118.19.1          2 134.118.19.1    internal1 02:37

R 192.168.3.0/30    134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.4.0/30    134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.15.0/24   134.118.19.1          2 134.118.19.1    internal1 02:37

R 192.168.20.0/30   134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.22.0/30   134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.53.0/30   134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.58.0/30   134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.60.0/30   134.118.19.1          2134.118.19.1    internal1 02:37

R 192.168.200.0/24  134.118.19.1          2134.118.19.1    internal1 02:37

 

1.4.2查看通过RIP学习到的路由

NPTJ-Firewall # get router inforouting-table rip

R      10.0.0.0/8 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.0.0.0/8 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.111.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.118.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.118.15.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.16.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.17.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.22.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.30.0/23 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.32.0/23 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.34.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.35.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.36.0/23 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.40.0/22 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.50.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.70.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.80.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.90.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.100.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.106.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.110.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.111.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.112.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.113.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.114.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.115.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.118.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.118.121.0/24 [120/2] via 134.118.19.252, internal1, 1d18h51m

R      134.119.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.120.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.121.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.124.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.125.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.127.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.128.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.129.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.132.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.133.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      134.134.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      172.16.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      172.17.0.0/16 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.2.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.3.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.4.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.15.0/24 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.20.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.22.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.53.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.58.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m

R      192.168.60.0/30 [120/2] via 134.118.19.1, internal1, 1d18h51m


成功建立邻接关系,也学习到了路由,配置成功!


本文出自 “TommyKing” 博客,请务必保留此出处http://tommyking.blog.51cto.com/10481841/1959566

【Fortinet】飞塔(FortiGate)防火墙低端产品命令行下配置RIP

标签:rip   fortinet   forgate   飞塔防火墙   命令行配置rip   

原文地址:http://tommyking.blog.51cto.com/10481841/1959566

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!