收藏 分销(赏)
立即下载 开通VIP

asa5520防火墙透明模式的配置例子.doc

上传人:xrp****65 文档编号:5869051 上传时间:2024-11-22 格式:DOC 页数:3 大小:26.50KB
下载 相关 举报
asa5520防火墙透明模式的配置例子.doc_第1页
第1页 / 共3页
asa5520防火墙透明模式的配置例子.doc_第2页
第2页 / 共3页
asa5520防火墙透明模式的配置例子.doc_第3页
第3页 / 共3页
亲,该文档总共3页,全部预览完了,如果喜欢就下载吧!
资源描述

1、asa5520防火墙透明模式的配置例子ciscoasa# sh run: Saved:ASA Version 7.2(3) !firewall transparenthostname ciscoasadomain-name default.domain.invalidenable password 8Ry2YjIyt7RRXU24 encryptednames!interface GigabitEthernet0/0nameif outsidesecurity-level 0!interface GigabitEthernet0/1nameif insidesecurity-level 100

2、!interface GigabitEthernet0/2shutdownno nameifno security-level!interface GigabitEthernet0/3shutdownno nameif no security-level!interface Management0/0nameif managementsecurity-level 100ip address 192.168.1.1 255.255.255.0 management-only!passwd 2KFQnbNIdI.2KYOU encryptedftp mode passivedns server-g

3、roup DefaultDNSdomain-name default.domain.invalidaccess-list acl_inside extended permit ip any any access-list acl_inside extended permit icmp any any access-list acl_outside extended permit tcp any any eq 3306 access-list acl_outside extended permit tcp any any eq www access-list acl_outside extend

4、ed permit tcp any any eq 8080 access-list acl_outside extended permit tcp any any eq https access-list acl_outside extended permit tcp any any eq sqlnet access-list acl_outside extended permit tcp any any eq ftp access-list acl_outside extended permit tcp any any eq 1433 access-list acl_outside exte

5、nded permit esp any any access-list acl_outside extended permit udp any any eq isakmp access-list acl_outside extended permit tcp any any eq pop3 access-list acl_outside extended permit tcp any any eq smtp access-list acl_outside extended permit icmp any any pager lines 24mtu outside 1500mtu inside

6、1500mtu management 1500ip address 172.16.177.208 255.255.255.0no failovericmp unreachable rate-limit 1 burst-size 1asdm image disk0:/ASDM-523.BINno asdm history enablearp timeout 14400access-group acl_outside in interface outsideaccess-group acl_inside in interface insidetimeout xlate 3:00:00timeout

7、 conn 0:20:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00timeout uauth 0:05:00 absolutehttp server enablehttp 192.168.1.0 255.255.255.0 manage

8、menthttp 0.0.0.0 0.0.0.0 insideno snmp-server locationno snmp-server contactsnmp-server enable traps snmp authentication linkup linkdown coldstarttelnet timeout 5ssh timeout 5console timeout 0!class-map inspection_defaultmatch default-inspection-traffic!policy-map type inspect dns preset_dns_mappara

9、metersmessage-length maximum 512policy-map global_policyclass inspection_defaultinspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect pptp !service-policy global_policy globalusername cisco password 3USUcOPFUiMCO4Jk encryptedprompt hostname context Cryptochecksum:4682fd668f251c28d32a0cb82a3ac5f3: endciscoasa#注意点:语句ip address 172.16.177.208 255.255.255.0是在interface GigabitEthernet0/0下配的,自己跑到外面来了,如果不配这个,好像ping不通。

展开阅读全文
部分上传会员的收益排行 01、路***(¥15400+),02、曲****(¥15300+),
03、wei****016(¥13200+),04、大***流(¥12600+),
05、Fis****915(¥4200+),06、h****i(¥4100+),
07、Q**(¥3400+),08、自******点(¥2400+),
09、h*****x(¥1400+),10、c****e(¥1100+),
11、be*****ha(¥800+),12、13********8(¥800+)。
相似文档                                   自信AI助手自信AI助手
搜索标签

当前位置:首页 > 行业资料 > 医学/心理学

移动网页_全站_页脚广告1

关于我们      便捷服务       自信AI       AI导航        获赠5币

©2010-2024 宁波自信网络信息技术有限公司  版权所有

客服电话:4008-655-100  投诉/维权电话:4009-655-100

gongan.png浙公网安备33021202000488号   

icp.png浙ICP备2021020529号-1  |  浙B2-20240490  

关注我们 :gzh.png    weibo.png    LOFTER.png 

客服