收藏
下载资源 加入VIP,省得不是一点点

ASA5505透明模式下完全配置.docx

上传人:11****ws 文档编号:3258974 上传时间:2019-05-27 格式:DOCX 页数:8 大小:16.30KB
下载 相关 举报
ASA5505透明模式下完全配置.docx_第1页
第1页 / 共8页
ASA5505透明模式下完全配置.docx_第2页
第2页 / 共8页
ASA5505透明模式下完全配置.docx_第3页
第3页 / 共8页
ASA5505透明模式下完全配置.docx_第4页
第4页 / 共8页
ASA5505透明模式下完全配置.docx_第5页
第5页 / 共8页
点击查看更多>>
资源描述

1、ASA5505透明模式下完全配置2008-08-01 13:04ciscoasa# show run: Saved:ASA Version 7.2(3) !firewall transparenthostname ciscoasadomain-name default.domain.invalidenable password 8Ry2YjIyt7RRXU24 encryptednames!interface Vlan1nameif insidesecurity-level 100!interface Vlan2nameif outsidesecurity-level 0!interface

2、Ethernet0/0!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3! interface Ethernet0/4switchport access vlan 2!interface Ethernet0/5switchport access vlan 2!interface Ethernet0/6!interface Ethernet0/7!passwd 2KFQnbNIdI.2KYOU encryptedftp mode passivedns server-group DefaultDNSdomain-na

3、me default.domain.invalidaccess-list 111 extended permit tcp any any eq ftp-data access-list 111 extended permit tcp any any eq ssh access-list 111 extended permit tcp any any eq www access-list 111 extended permit tcp any any eq 8080 access-list 111 extended permit tcp any any eq 6600 access-list 1

4、11 extended permit tcp any any eq 7877 access-list 111 extended permit tcp any any range 2020 2121 access-list 111 extended permit tcp any any range 6800 6900 access-list 111 extended permit tcp any any range 5200 5400 access-list 111 extended permit icmp any any pager lines 24mtu inside 1500mtu out

5、side 1500ip address 192.168.100.100 255.255.255.0icmp unreachable rate-limit 1 burst-size 1asdm image disk0:/asdm-523.binno asdm history enablearp timeout 14400access-group 111 in interface outsidetimeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:

6、10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00timeout uauth 0:05:00 absolutehttp server enablehttp 0.0.0.0 0.0.0.0 insideno snmp-server locationno snmp-server contactsnmp-server enable traps snmp authentica

7、tion linkup linkdown coldstarttelnet 0.0.0.0 0.0.0.0 insidetelnet timeout 5ssh timeout 5console timeout 0! class-map inspection_defaultmatch default-inspection-traffic!policy-map type inspect dns preset_dns_mapparametersmessage-length maximum 512policy-map global_policyclass inspection_defaultinspec

8、t dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp ! service-policy global_policy globalprompt hostname context Cryptochecksum:871ee08b54631ff02

9、1ad0c4a1a3db59d: endciscoasa# ciscoasa# ciscoasa# ciscoasa# ciscoasa# show verciscoasa# show version Cisco Adaptive Security Appliance Software Version 7.2(3) Device Manager Version 5.2(3)Compiled on Wed 15-Aug-07 16:08 by buildersSystem image file is “disk0:/asa723-k8.bin“Config file at boot was “s

10、tartup-config“ciscoasa up 5 mins 34 secsHardware: ASA5505, 256 MB RAM, CPU Geode 500 MHzInternal ATA Compact Flash, 128MBBIOS Flash M50FW080 0xffe00000, 1024KBEncryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)Boot microcode : CNlite-MC-Boot-Cisco-1.2SSL/IKE microcode: CN

11、lite-MC-IPSEC-Admin-3.03IPSec microcode : CNlite-MC-IPSECm-MAIN-2.040: Int: Internal-Data0/0 : address is 001e.4a39.b59d, irq 111: Ext: Ethernet0/0 : address is 001e.4a39.b595, irq 2552: Ext: Ethernet0/1 : address is 001e.4a39.b596, irq 2553: Ext: Ethernet0/2 : address is 001e.4a39.b597, irq 2554: E

12、xt: Ethernet0/3 : address is 001e.4a39.b598, irq 2555: Ext: Ethernet0/4 : address is 001e.4a39.b599, irq 2556: Ext: Ethernet0/5 : address is 001e.4a39.b59a, irq 2557: Ext: Ethernet0/6 : address is 001e.4a39.b59b, irq 2558: Ext: Ethernet0/7 : address is 001e.4a39.b59c, irq 2559: Int: Internal-Data0/1

13、 : address is 0000.0003.0002, irq 25510: Int: Not used : irq 25511: Int: Not used : irq 255Licensed features for this platform:Maximum Physical Interfaces : 8 VLANs : 3, DMZ RestrictedInside Hosts : 10 Failover : DisabledVPN-DES : Enabled VPN-3DES-AES : Enabled VPN Peers : 10 WebVPN Peers : 2 Dual I

14、SPs : Disabled VLAN Trunk Ports : 0 This platform has a Base license.Serial Number: JMX1145Z03DRunning Activation Key: 0x33184371 0x3cfb93d2 0xbc80d584 0x8efca824 0xcb0aadac Configuration register is 0x1Configuration has not been modified since last system restart.ciscoasa# ciscoasa# ciscoasa# cisco

15、asa# show inciscoasa# show interfaceInterface Vlan1 “inside“, is up, line protocol is upHardware is EtherSVIMAC address 001e.4a39.b59d, MTU 1500IP address 1.1.1.1, subnet mask 255.255.255.255Traffic Statistics for “inside“:48 packets input, 3275 bytes68 packets output, 3206 bytes3 packets dropped1 m

16、inute input rate 0 pkts/sec, 5 bytes/sec1 minute output rate 0 pkts/sec, 15 bytes/sec1 minute drop rate, 0 pkts/sec5 minute input rate 0 pkts/sec, 10 bytes/sec5 minute output rate 0 pkts/sec, 9 bytes/sec5 minute drop rate, 0 pkts/secInterface Vlan2 “outside“, is up, line protocol is upHardware is Et

17、herSVIMAC address 001e.4a39.b59e, MTU 1500IP address 1.1.1.1, subnet mask 255.255.255.255Traffic Statistics for “outside“:113 packets input, 6686 bytes13 packets output, 855 bytes60 packets dropped1 minute input rate 0 pkts/sec, 26 bytes/sec1 minute output rate 0 pkts/sec, 5 bytes/sec1 minute drop r

18、ate, 0 pkts/sec5 minute input rate 0 pkts/sec, 18 bytes/sec5 minute output rate 0 pkts/sec, 2 bytes/sec5 minute drop rate, 0 pkts/secInterface Ethernet0/0 “, is up, line protocol is upHardware is 88E6095, BW 100 MbpsAuto-Duplex(Full-duplex), Auto-Speed(100 Mbps)Available but not configured via namei

19、fMAC address 001e.4a39.b595, MTU not setIP address unassigned25 packets input, 2547 bytes, 0 no bufferReceived 4 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops112 packets output, 7756 bytes, 0 underruns0 output

20、 errors, 0 collisions, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/1 “, is down, line protocol is downHardware is 88E6095, BW 100 MbpsAuto-Duplex, Auto-SpeedAvailable but not configured via na

21、meifMAC address 001e.4a39.b596, MTU not setIP address unassigned0 packets input, 0 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops0 packets output, 0 bytes, 0 underruns0 output error

22、s, 0 collisions, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/2 “, is down, line protocol is downHardware is 88E6095, BW 100 MbpsAuto-Duplex, Auto-SpeedAvailable but not configured via nameifMA

23、C address 001e.4a39.b597, MTU not setIP address unassigned0 packets input, 0 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops0 packets output, 0 bytes, 0 underruns0 output errors, 0 c

24、ollisions, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/3 “, is down, line protocol is downHardware is 88E6095, BW 100 MbpsAuto-Duplex, Auto-SpeedAvailable but not configured via nameifMAC addr

25、ess 001e.4a39.b598, MTU not setIP address unassigned0 packets input, 0 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops0 packets output, 0 bytes, 0 underruns0 output errors, 0 collisi

26、ons, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/4 “, is down, line protocol is downHardware is 88E6095, BW 100 MbpsAuto-Duplex, Auto-SpeedAvailable but not configured via nameifMAC address 00

27、1e.4a39.b599, MTU not setIP address unassigned0 packets input, 0 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops0 packets output, 0 bytes, 0 underruns0 output errors, 0 collisions, 0

28、 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/5 “, is up, line protocol is upHardware is 88E6095, BW 100 MbpsAuto-Duplex(Full-duplex), Auto-Speed(100 Mbps)Available but not configured via nameifM

29、AC address 001e.4a39.b59a, MTU not setIP address unassigned113 packets input, 8726 bytes, 0 no bufferReceived 97 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops13 packets output, 1089 bytes, 0 underruns0 output

30、errors, 0 collisions, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/6 “, is down, line protocol is downHardware is 88E6095, BW 100 MbpsAuto-Duplex, Auto-SpeedAvailable but not configured via nam

31、eifMAC address 001e.4a39.b59b, MTU not setIP address unassigned0 packets input, 0 bytes, 0 no bufferReceived 0 broadcasts, 0 runts, 0 giants0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops0 packets output, 0 bytes, 0 underruns0 output errors

32、, 0 collisions, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsInterface Ethernet0/7 “, is down, line protocol is downHardware is 88E6095, BW 100 MbpsAuto-Duplex, Auto-SpeedAvailable but not configured via nameifMAC

33、 address 001e.4a39.b59c, MTU not setIP address unassigned47 packets input, 3554 bytes, 0 no bufferReceived 30 broadcasts, 0 runts, 0 giants1 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort0 L2 decode drops0 switch ingress policy drops12 packets output, 1458 bytes, 0 underruns0 output err

34、ors, 0 collisions, 0 interface resets0 babbles, 0 late collisions, 0 deferred0 lost carrier, 0 no carrier0 rate limit drops0 switch egress policy dropsciscoasa# ciscoasa# ciscoasa# 开启 web管理asdm image disk0:/asdm-523.binhttp server enablehttp 192.168.100.0 255.255.255.0 insideusername cisco password 3USUcOPFUiMCO4Jk encrypted privilege 15配置透明模式的时候,一定要配置管理地址,不然是不会通的!清空配置wr erase

展开阅读全文
相关资源
相关搜索

当前位置:首页 > 重点行业资料库 > 医药卫生

Copyright © 2018-2021 Wenke99.com All rights reserved

工信部备案号浙ICP备20026746号-2  

公安局备案号:浙公网安备33038302330469号

本站为C2C交文档易平台,即用户上传的文档直接卖给下载用户,本站只是网络服务中间平台,所有原创文档下载所得归上传人所有,若您发现上传作品侵犯了您的权利,请立刻联系网站客服并提供证据,平台将在3个工作日内予以改正。