asa配置
ASA Version 8.0(2) <system>
!
hostname ASA5520
enable password 2KFQnbNIdI.2KYOU encrypted
no mac-address auto
!
interface Ethernet0/0
!
interface Ethernet0/0.1
 vlan 100
!
interface Ethernet0/0.2
 vlan 200
!
interface Ethernet0/0.3
 vlan 300
!
interface Ethernet0/1
!
interface Ethernet0/1.1
 vlan 10
!
interface Ethernet0/1.2
 vlan 20      
!             
interface Ethernet0/1.3
 vlan 30      
!             
interface Ethernet0/2
!             
interface Ethernet0/3
!             
interface Ethernet0/4
 shutdown     
!             
interface Ethernet0/5
 shutdown     
!             
class default
  limit-resource All 0
  limit-resource ASDM 5
  limit-resource SSH 5
  limit-resource Telnet 5
!             
              
ftp mode passive
pager lines 24
no failover   
no asdm history enable
arp timeout 14400
console timeout 0
              
admin-context admin
context admin
  config-url disk0:/admin.cfg
!             
              
context join  
  allocate-interface Ethernet0/0
  allocate-interface Ethernet0/1
  config-url disk0:/join.cfg
!             
              
context networking
  allocate-interface Ethernet0/2
  allocate-interface Ethernet0/3
  config-url disk0:/networking.cfg
!             
              
prompt hostname context
Cryptochecksum:9cc1a45cf59984c4f1379b68f95b098a
: end

asa/neworking配置

: Saved
:
ASA Version 8.0(2) <context>
!
hostname networking
enable password 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/2
 nameif outside
 security-level 0
 ip address dhcp
!
interface Ethernet0/3
 nameif inside
 security-level 100
 ip address 172.16.1.254 255.255.255.0
!
passwd 2KFQnbNIdI.2KYOU encrypted
access-list out-to-in extended permit icmp any any echo
access-list out-to-in extended permit icmp any any echo-reply
access-list out-to-in extended permit tcp any host 10.0.0.110 eq ssh
access-list out-to-in extended permit tcp any host 10.0.0.110 eq www
access-list out-to-in extended permit tcp any host 10.0.0.110 eq ftp
access-list out-to-in extended permit tcp any host 10.0.0.110 eq 8080
pager lines 24
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 172.16.1.0 255.255.255.0
static (inside,outside) tcp 10.0.0.110 ssh 172.16.1.1 ssh netmask 255.255.255.255
static (inside,outside) tcp 10.0.0.110 www 172.16.1.1 www netmask 255.255.255.255
static (inside,outside) tcp 10.0.0.110 ftp 172.16.1.1 ftp netmask 255.255.255.255
static (inside,outside) tcp 10.0.0.110 8080 172.16.1.1 3128 netmask 255.255.255.255
access-group out-to-in in interface outside
route outside 0.0.0.0 0.0.0.0 10.0.0.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa authentication ssh console LOCAL
no snmp-server location
no snmp-server contact
no crypto isakmp nat-traversal
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 30
ssh version 2
!             
class-map inspection_default
 match default-inspection-traffic
!             
!             
policy-map type inspect dns preset_dns_map
 parameters   
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny  
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip  
  inspect xdmcp
!             
service-policy global_policy global
username networking password qN3BipPT/OszXPm3 encrypted privilege 15
Cryptochecksum:430e91e467e74583910adccfabf80cec
: end

asa/join配置

ASA5520/join# sh running-config
: Saved
:
ASA Version 8.0(2) <context>
!
hostname join
enable password 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address dhcp
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.1.254 255.255.255.0
!
passwd 2KFQnbNIdI.2KYOU encrypted
access-list out-to-in extended permit icmp any any echo
access-list out-to-in extended permit icmp any any echo-reply
access-list out-to-in extended permit tcp any host 10.0.0.100 eq 3389
access-list out-to-in extended permit tcp any host 10.0.0.100 eq www
access-list out-to-in extended permit tcp any host 10.0.0.100 eq ftp
access-list out-to-in extended permit tcp any host 10.0.0.100 eq telnet
pager lines 24
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 192.168.1.0 255.255.255.0
static (inside,outside) tcp 10.0.0.100 3389 192.168.1.1 3389 netmask 255.255.255.255
static (inside,outside) tcp 10.0.0.100 www 192.168.1.1 www netmask 255.255.255.255
static (inside,outside) tcp 10.0.0.100 ftp 192.168.1.1 ftp netmask 255.255.255.255
static (inside,outside) tcp 10.0.0.100 telnet 192.168.1.1 telnet netmask 255.255.255.255
access-group out-to-in in interface outside
route outside 0.0.0.0 0.0.0.0 10.0.0.254 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa authentication ssh console LOCAL
no snmp-server location
no snmp-server contact
no crypto isakmp nat-traversal
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 30
ssh version 2
!             
class-map inspection_default
 match default-inspection-traffic
!             
!             
policy-map type inspect dns preset_dns_map
 parameters   
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny  
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip  
  inspect xdmcp
!             
service-policy global_policy global
username join password p8h1Qs/3blqj2KNa encrypted privilege 15
Cryptochecksum:3ece39ddf49bbe75af6c3688e1aebb4f
: end

ASA虚墙配置的更多相关文章

  1. OSPF虚链路配置.示例2

    先看一个拓扑图 黄色区域是area0,即骨干区域,如果如图示RT1与RT6之间的链路断了,那么会出现骨干区域被“分裂”的情况,很明显骨干区域是不能被分割开的,出现这种状况的时候可能会影响到整个自制系统 ...

  2. linux虚机配置开发/Server环境全集

    linux虚机配置开发/Server环境全集 9. centos 升级githttp://www.cnblogs.com/grimm/p/5368777.htmla. 下载git2.2.1并将git添 ...

  3. CISCO ASA 5505 经典配置案例

    nterface Vlan2 nameif outside  ----------------------------------------对端口命名外端口  security-level 0 -- ...

  4. Hyper-V 手动导入虚机配置实例(转载)

    原文转载:http://blog.51cto.com/bobzy/980241 Hyper-V提供了很方便的虚机导入和导出功能.平时假如我们想导出虚机,先选中虚机,然后鼠标右键在出现菜单列表中选中“导 ...

  5. ESXi5.5下的Centos7虚机配置静态IP

    使用的是osboxes.org上下载的已安装centos7 image, 在启动后, ifconfig不能看到网卡, 需要关机后在ESXi客户端编辑虚机, 删除网卡, 保存, 添加网卡, 网卡类型选择 ...

  6. OSPF虚链路配置.示例1

      在OSPF 网络中,区域0为骨干区域,其它的为非骨干区域,非骨干区域必须与骨干区域直接相连. 根据拓扑图可看到区域1与骨干区域0直接相连而区域2与骨干区域没有直接相连,这种情况下我们可以创建一条虚 ...

  7. ASA IPSEC VPN配置

    ASA-1配置 : Saved:ASA Version 8.0(2) !hostname ASA-1enable password 8Ry2YjIyt7RRXU24 encryptednames!in ...

  8. Azure Linux 虚机上配置 RAID 的常见问题及解决方案

    简介 独立硬盘冗余阵列(RAID, Redundant Array of Independent Disks),简称磁盘阵列.能增强数据集成度,增强容错功能,增加处理量或容量.详情参见这篇文章. 配置 ...

  9. OPCDA通信--工作在透明模式下的CISCO ASA 5506-X防火墙配置

    尊重原创,转发请声名 inside OPCSERVER 一台 outside OPCCLIENT 一台 route模式 配置没成功,放弃,采用透明模式 !----进入全局配置-- configure ...

随机推荐

  1. Android UI 之WaterFall瀑布流效果

        所谓瀑布流效果,简单说就是宽度相同但是高度不同的一大堆图片,分成几列,然后像水流一样向下排列,并随着用户的上下滑动自动加载更多的图片内容.     语言描述比较抽象,具体效果看下面的截图:   ...

  2. Python爬虫入门三之Urllib库的基本使用

    转自http://cuiqingcai.com/947.html 1.分分钟扒一个网页下来 怎样扒网页呢?其实就是根据URL来获取它的网页信息,虽然我们在浏览器中看到的是一幅幅优美的画面,但是其实是由 ...

  3. 2数组的slice和splice方法

    var colors=["blue","red","black","yellow","gray",& ...

  4. 用Delphi进行word开发

    使用以CreateOleObjects方式调用Word 实际上还是Ole,但是这种方式能够真正做到完全控制Word文件,能够使用Word的所有属性,包括自己编写的VBA宏代码.------------ ...

  5. JSP 的9个内置对象

    JSP内置对象:我们在使用JSP进行页面编程时可以直接使用而不需自己创建的一些Web容器已为用户创建好的JSP内置对象.如request,session,response,out等. 下面就JSP2. ...

  6. 基于visual Studio2013解决C语言竞赛题之1065二维排序

        题目 解决代码及点评 /* 功能:二维数组排序.设有4×5的数组M,通过排序使 M[1][1]≤M[1][2]≤...≤M[1][5]≤M[2][1]≤M[2][2]≤...≤ ...

  7. [置顶] 无名管道的C++封装

    xpipe-无名管道的C++封装类 无名管道的C++封装类,用于父子进程进行通信 基础介绍 unix下一切皆文件,管道也不例外.无名管道pipe定义在<unistd.h>中. #inclu ...

  8. Eequal sum sets

    Let us consider sets of positive integers less than or equal to n. Note that all elements of a set a ...

  9. DLP显示单元(威创)

    品牌:威创型号:E-SX675生产商:广东威创视讯科技股份有限公司1.生厂商简介(1)生产商概述广东威创视讯科技股份有限公司(简称威创)成立于2002年,专业从事大屏幕拼接显示产品及其解决方案的研发. ...

  10. VC++ WIN32 sdk实现按钮自绘详解 之二(关键是BS_OWNERDRAW和WM_DRAWITEM)

    网上找了很多,可只是给出代码,没有详细解释,不便初学者理解.我就抄回冷饭.把这个再拿出来说说. 实例图片:    首先建立一个标准的Win32 Application 工程.选择a simple Wi ...