This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
LSN 配置示例
以下是通过命令行界面配置 LSN 的示例。
使用单个订阅者网络、单个 LSN NAT IP 地址和默认设置创建简单的 LSN 配置:
add lsn client LSN-CLIENT-1
Done
bind lsn client LSN-CLIENT-1 -network 192.0.2.0 -netmask 255.255.255.0
Done
add lsn pool LSN-POOL-1
Done
bind lsn pool LSN-POOL-1 203.0.113.3
Done
add lsn group LSN-GROUP-1 -clientname LSN-CLIENT-1
Done
bind lsn group LSN-GROUP-1 -poolname pool1 LSN-POOL-1
Done
使用扩展 ACL 创建 LSN 配置,用于识别 LSN 订阅者:
add ns acl LSN-ACL-2 ALLOW -srcIP 192.0.2.10-192.0.2.20
Done
apply acls
Done
add lsn client LSN-CLIENT-2
Done
bind lsn client LSN-CLIENT-2 –aclname LSN-ACL-2
Done
add lsn pool LSN-POOL-2
Done
bind lsn pool LSN-POOL-2 203.0.113.5-203.0.113.10
Done
add lsn group LSN-GROUP-2 -clientname LSN-CLIENT-2
Done
bind lsn group LSN-GROUP-2 -poolname LSN-POOL-2
Done
使用 HTTP 协议(端口 80)和 SSH 协议(端口 22)的地址端口相关映射创建 LSN 配置。此外,限制每个订阅者最多使用 1000 个 NAT 端口用于 TCP 协议,最多使用 100 个 NAT 端口用于 UDP 协议。限制每个订阅者具有 TCP 协议的最多 2000 个并发会话。将组限制为 TCP 协议的最多具有 30000 个并发会话:
add lsn client LSN-CLIENT-3
Done
bind lsn client LSN-CLIENT-3 -network 192.0.3.0 -netmask 255.255.255.0
Done
add lsn pool LSN-POOL-3
Done
bind lsn pool LSN-POOL-3 203.0.113.11
Done
add lsn group LSN-GROUP-3 -clientname LSN-CLIENT-3
Done
bind lsn group LSN-GROUP-3 -poolname LSN-POOL-3
Done
add lsn appsprofile LSN-APPS-HTTPPROFILE-3 TCP -mapping ENDPOINT-INDEPENDENT
Done
bind lsn appsprofile LSN-APPS-HTTPPROFILE-3 80
Done
bind lsn group LSN-GROUP-3 -applicationprofilename LSN-APPS-HTTPPROFILE-3
Done
add lsn appsprofile LSN-APPS-SSHPROFILE-3 TCP -mapping ADDRESS-PORT-DEPENDENT
Done
bind lsn appsprofile LSN-APPS-SSHPROFILE-3 22
Done
bind lsn group LSN-GROUP-3 -applicationprofilename LSN-APPS-SSHPROFILE-3
Done
add lsn transportprofile LSN-TRANS-PROFILE-TCP-3 TCP -portquota 1000 -sessionquota 2000 -groupSessionLimit 30000
Done
bind lsn group LSN-GROUP-3 -transportprofilename LSN-TRANS-PROFILE-TCP-3
Done
add lsn transportprofile LSN-TRANS-PROFILE-UDP-3 UDP -portquota 100
Done
bind lsn group LSN-GROUP-3 -transportprofilename LSN-TRANS-PROFILE-UDP-3
Done
为大量订阅者创建 LSN 配置:
add lsn client LSN-CLIENT-4
Done
bind lsn client LSN-CLIENT-4 -network 192.0.4.0 -netmask 255.255.255.0
Done
bind lsn client LSN-CLIENT-4 -network 192.0.5.0 -netmask 255.255.255.0
Done
bind lsn client LSN-CLIENT-4 -network 192.0.6.0 -netmask 255.255.255.0
Done
bind lsn client LSN-CLIENT-4 -network 192.0.7.0 -netmask 255.255.255.0
Done
bind lsn client LSN-CLIENT-4 -network 192.0.8.0 -netmask 255.255.255.0
Done
add lsn pool LSN-POOL-4
Done
bind lsn pool LSN-POOL-4 203.0.113.30-203.0.113.40
Done
bind lsn pool LSN-POOL-4 203.0.113.45-203.0.113.50
Done
bind lsn pool LSN-POOL-4 203.0.113.55-203.0.113.60
Done
add lsn group LSN-GROUP-4 -clientname LSN-CLIENT-4
Done
bind lsn group LSN-GROUP-4 -poolname LSN-POOL-4
Done
add lsn appsprofile LSN-APPS-WELLKNOWNPROFILE-4 TCP -mapping ENDPOINT-INDEPENDENT
Done
bind lsn appsprofile LSN-APPS-WELLKNOWN-PORTS-PROFILE-4 1- 1023
Done
bind lsn group LSN-GROUP-4 -applicationprofilename LSN-APPS-WELLKNOWN-PORTS-PROFILE-4
Done
通过在多个 LSN 组之间共享 NAT 资源创建 LSN 配置。在此示例中,LSN 池 LSN-POOL-5 与 LSN-GROUP-5 和 LSN-GROUP-6 共享:
add lsn client LSN-CLIENT-5
Done
bind lsn client LSN-CLIENT-5 -network 192.0.15.0 -netmask 255.255.255.0
Done
add lsn pool LSN-POOL-5
Done
bind lsn pool LSN-POOL-5 203.0.113.12-203.0.113.14
Done
add lsn group LSN-GROUP-5 -clientname LSN-CLIENT-5
Done
bind lsn group LSN-GROUP-5 -poolname LSN-POOL-5
Done
add lsn client LSN-CLIENT-6
Done
bind lsn client LSN-CLIENT-6 -network 192.0.16.0 -netmask 255.255.255.0
Done
add lsn pool LSN-POOL-6
Done
bind lsn pool LSN-POOL-6 203.0.113.15-203.0.113.18
Done
add lsn group LSN-GROUP-6 -clientname LSN-CLIENT-6
Done
bind lsn group LSN-GROUP-6 -poolname LSN-POOL-6
Done
bind lsn group LSN-GROUP-6 -poolname LSN-POOL-5
Done
创建具有确定性 NAT 资源分配的 LSN 配置:
add lsn client LSN-CLIENT-7
Done
bind lsn client LSN-CLIENT-7 -network 192.0.17.0 -netmask 255.255.255.0
Done
add lsn pool LSN-POOL-7 -nattype DETERMINISTIC
Done
bind lsn pool LSN-POOL-7 203.0.113.19-203.0.113.23
Done
add lsn group LSN-GROUP-7 -clientname LSN-CLIENT-7 -nattype DETERMINISTIC -portblocksize 1024
Done
bind lsn group LSN-GROUP-7 -poolname LSN-POOL-7
Done
使用具有相同网络地址但每个网络属于不同流量域的多个订阅者网络创建 LSN 配置。此外,限制与 HTTP 协议(端口 80)相关的出站流量,通过特定流量域(td 5)发送它:
add lsn client LSN-CLIENT-8
Done
bind lsn client LSN-CLIENT-8 -network 192.0.18.0 -netmask 255.255.255.0 -td 1
Done
bind lsn client LSN-CLIENT-8 -network 192.0.18.0 -netmask 255.255.255.0 -td 2
Done
bind lsn client LSN-CLIENT-8 -network 192.0.18.0 -netmask 255.255.255.0 -td 3
Done
add lsn pool LSN-POOL-8
Done
bind lsn pool LSN-POOL-8 203.0.113.80-203.0.113.86
Done
add lsn group LSN-GROUP-8 -clientname LSN-CLIENT-8
Done
bind lsn group LSN-GROUP-8 -poolname LSN-POOL-8
Done
add lsn appsprofile LSN-APPS-HTTP-PROFILE-8 TCP -td 5
Done
bind lsn appsprofile LSN-APPS-HTTP-PROFILE-8 80
Done
bind lsn group LSN-GROUP-8 -applicationprofilename LSN-APPS-HTTP-PROFILE-8
Done
创建 LSN 配置,限制特定协议 (TCP) 的出站流量,并通过特定流量域 (td 5) 发送它。使用与端点无关的筛选,在任何流量域上接收与此协议 (TCP) 相关的入站流量:
add lsn client LSN-CLIENT-9
Done
bind lsn client LSN-CLIENT-9 -network 192.0.9.0 -netmask 255.255.255.0 -td 1
Done
add lsn pool LSN-POOL-9
Done
bind lsn pool LSN-POOL-9 203.0.113.90
Done
add lsn group LSN-GROUP-9 -clientname LSN-CLIENT-9
Done
bind lsn group LSN-GROUP-9 -poolname LSN-POOL-9
Done
add lsn appsprofile LSN-APPS-PROFILE-9 TCP -filtering ENDPOINT-INDEPENDENT -td 5
Done
bind lsn group LSN-GROUP-9 -approfile LSN-APPS-PROFILE-9
Done
创建限制出站 HTTP(端口 80)流量的 LSN 配置,并通过特定流量域 (td 10) 发送它。通过与地址相关的筛选,在指定流量域 (td 10) 上接收与此协议 (HTTP) 相关的入站流量:
add lsn client LSN-CLIENT-10
Done
bind lsn client LSN-CLIENT-10 -network 192.0.10.0 -netmask 255.255.255.0 -td 1
Done
add lsn pool LSN-POOL-10
Done
bind lsn pool LSN-POOL-10 203.0.113.100
Done
add lsn group LSN-GROUP-10 -clientname LSN-CLIENT-10
Done
bind lsn group LSN-GROUP-10 -poolname LSN-POOL-10
Done
add lsn appsprofile LSN-APPS-PROFILE-10 TCP -mapping ENDPOINT -INDEPENDENT -filtering ADDRESS-DEPENDENT -td 10
Done
bind lsn appsprofile LSN-APPS-PROFILE-10 80
Done
bind lsn group LSN-GROUP-10 -approfile LSN-APPS-PROFILE-10
Done
分享:
分享:
本文中包含的内容
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.