dis cur | in policy 查看
policy-based-route 有线网络 permit node 5
policy-based-route 有线网络 permit node 10
ip policy-based-route 有线网络
nat global-policy
ips apply policy 默认入侵防御策略 mode protect
anti-virus apply policy default mode protect
ips apply policy 默认入侵防御策略 mode protect
anti-virus apply policy default mode protect
apt apply policy default
ips apply policy 默认入侵防御策略 mode protect
security-policy ip
ips policy 默认入侵防御策略
policy-based-route 有线网络 permit node 15
if-match acl 3211 如果匹配acl 3211
apply next-hop 9.9.9.9 则下一跳地址走这个 9.9.9.9 (固定IP地址的网关,固定IP地址的下一跳,问运营商)
dis ip policy-based-route 查看 (语句可接 interface g0/0/X,单独查看某一个接口的优先级)
Policy name: 有线网络
node 5 permit:
if-match acl 3000
node 10 permit:
if-match acl 3210
apply next-hop 8.8.8.8
node 15 permit:
if-match acl 3211
apply next-hop 9.9.9.9
int gx/x/x 进入接口
nat outbound address-group 3 此接口nat地址转换为add3
nat outbound 3100 address-group 3 此接口nat地址仅转换3100段为add3
undo nat outbound 3100 取消上一条命令