防火墙/路由器未正确转换

网络工程 路由 路由器 防火墙
2022-03-05 18:03:39

我目前无法从 PC 访问 Internet。任何建议或意见都将受到欢迎:)

在此处输入图像描述

为了诊断一个更大的问题,我将我的实验室配置缩小到了基础。- pfsense 防火墙 - 1 x 路由器:e0:192.168.10.10,e1:192.168.20.1 - 1 x PC:静态 IP 地址(连接到路由器)

我可以从 PC 对外部(74.125.224.72(又名 Google))进行 Ping、traceroute 和 telnet,但是当我打开 Web 浏览器时,系统会超时。

路由器配置:

interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address 192.168.10.10 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!         
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 192.168.10.1
!
access-list 1 permit 192.168.20.0 0.0.0.255
  • PCAP 从 PC-Telnet 的防火墙到:74.125.224.72
18:50:04.436603 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 0
18:50:04.475986 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:04.476401 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 0
18:50:05.375308 
18:50:15.375257 
18:50:25.375135 
18:50:33.093910 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 2
18:50:33.133231 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:35.451082 
18:50:35.714407 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 5
18:50:35.753729 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:38.442287 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 5
18:50:38.481624 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:40.034061 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 3
18:50:40.073419 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:40.073669 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 1418
18:50:40.073750 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 264
18:50:40.073757 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:40.074082 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 0
18:50:40.074165 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 0
18:50:40.074174 IP 192.168.10.10.49400 > lax17s02-in-f8.1e100.net.http: tcp 0
18:50:40.113467 IP lax17s02-in-f8.1e100.net.http > 192.168.10.10.49400: tcp 0
18:50:42.995028 CDPv2, ttl: 180s, Device-ID 'Router', length 349
  • Wireshark pcap

在此处输入图像描述

再次感谢大家的时间,

0个回答
没有发现任何回复~
其它你可能感兴趣的问题
上一篇来自拓扑的 BIRD 路由器的最低 OSPFv3 配置 下一篇802.1w RSTP BPDU报文中的proposal flag和agreement flag