在JUNIPERMX960设备中禁止访问公网

关闭考试机房外网访问;以下是需要禁的网段10.16.13.1---10.16.13.10010.16.14.1---10.16.14.10010.16.15.1---10.16.15.10010.16.16.1---10.16.16.10010.16.17.1---10.16.17.10010.16.24.1---10.16.24.10010.16.26.1---10.16.26.100首先以上网段为静态认证地址;show configuration firewall filter up_dhcp_staticinterface-specific;term no_authentication {from {source-address {10.16.13.0/25;10.16.14.0/25;10.16.15.0/25;10.16.16.0/25;10.16.17.0/25;10.16.24.0/25;10.16.26.0/25;}destination-address {10.255.0.41/32; ###静态认证10.255.0.19/32; ###动态认证}}then {discard;}}set firewall filter up_dhcp_static term no_authentication from source-address 10.16.13.0/25set firewall filter up_dhcp_static term no_authentication from source-address 10.16.14.0/25set firewall filter up_dhcp_static term no_authentication from source-address 10.16.15.0/25set firewall filter up_dhcp_static term no_authentication from source-address 10.16.16.0/25set firewall filter up_dhcp_static term no_authentication from source-address 10.16.17.0/25set firewall filter up_dhcp_static term no_authentication from source-address 10.16.24.0/25set firewall filter up_dhcp_static term no_authentication from source-address 10.16.26.0/25set firewall filter up_dhcp_static term no_authentication from destination-address 10.255.0.41/32set firewall filter up_dhcp_static term no_authentication from destination-address 10.255.0.19/32set firewall filter up_dhcp_static term no_authentication then discard