返回
ASA防火墙配置

ASA防火墙配置

ID:37813949

大小:85.93 KB

页数:16页

时间:2019-05-31

ASA防火墙配置_第1页
ASA防火墙配置_第2页
ASA防火墙配置_第3页
ASA防火墙配置_第4页
ASA防火墙配置_第5页
资源描述:

《ASA防火墙配置》由会员上传分享,免费在线阅读,更多相关内容在行业资料-天天文库

1、ConfigurationsThisdocumentusestheseconfigurations:•EasyVPNServer(ASA5520)•EasyVPNRemoteHardwareClientEasyVPNServer(ASA5520)ASA5520-704#writeterminal:Saved:ASAVersion7.0(4)!hostnameASA5520-704enablepassword8Ry2YjIyt7RRXU24encryptednames!!---Configuretheoutsideandinsideinterfaces.interf

2、aceGigabitEthernet0/0nameifoutsidesecurity-level0ipaddress10.20.20.1255.255.255.0!interfaceGigabitEthernet0/1nameifinsidesecurity-level100ipaddress172.22.1.1255.255.255.0!interfaceGigabitEthernet0/2shutdownnonameifnosecurity-levelnoipaddress!interfaceGigabitEthernet0/3shutdownnonameif

3、nosecurity-levelnoipaddress!interfaceManagement0/0shutdownnonameifnosecurity-levelnoipaddress!passwd2KFQnbNIdI.2KYOUencryptedftpmodepassive!---Thisaccesslistisusedforanatzerocommandthatprevents!---trafficwhichmatchestheaccesslistfromundergoing!---networkaddresstranslation(NAT).access-

4、listno-natextendedpermitip172.22.1.0255.255.255.0172.16.1.0255.255.255.0!---Thisaccesslistisusedtodefinethetraffic!---thatshouldpassthroughthetunnel.!---Itisboundtothegrouppolicywhichdefines!---adynamiccryptomap.access-listezvpn1extendedpermitip172.22.1.0255.255.255.0172.16.1.0255.255

5、.255.0pagerlines24mtuoutside1500mtuinside1500nofailovericmppermitanyecho-replyoutsideicmppermitanyinsidenoasdmhistoryenablearptimeout14400!---SpecifytheNATconfiguration.!---NAT0preventsNATfortheACLdefinedinthisconfiguration.!---Thenat1commandspecifiesNATforallothertraffic.global(outsi

6、de)1interfacenat(inside)0access-listno-natnat(inside)10.0.0.00.0.0.0routeoutside0.0.0.00.0.0.010.20.20.21timeoutxlate3:00:00timeoutconn1:00:00half-closed0:10:00udp0:02:00icmp0:00:02timeoutsunrpc0:10:00h3230:05:00h2251:00:00mgcp0:05:00timeoutmgcp-pat0:05:00sip0:30:00sip_media0:02:00tim

7、eoutuauth0:05:00absolute!---ThisdefinesthegrouppolicyyouusewithEasyVPN.!---Specifythenetworks!---thatshouldpassthroughthetunnelandthatyouwantto!---usenetworkextensionmode.group-policymyGROUPinternalgroup-policymyGROUPattributessplit-tunnel-policytunnelspecifiedsplit-tunnel-network-lis

8、tvalu

当前文档最多预览五页,下载文档查看全文

此文档下载收益归作者所有

当前文档最多预览五页,下载文档查看全文
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,天天文库负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。