pc1配置
pc2配置
防火墙配置
接口配置ip
int g1/0/0
ip add 192.168.10.254 24
service-manage ping permit
int g1/0/1
ip add 200.1.1.254 24
service-manage ping permit
接口添加到安全区域
firewall zone trust
add int g1/0/0
firewall zone untrust
add int g1/0/1
配置安全策略
security-policy
rule name trust_to_untrust
source-zone trust
destination-zone untrust
action permit
//可配可不配,配置及后可以使pc2 ping通pc1
security-policy
rule name untrust_to_trust
source-zone untrust
destination-zone trust
action permit
验证