思科asa5505防火墙配置成功实例（CISCO asa5505 firewall configuration successful example）.doc

下载文档 降价啦

15
0
约3.48千字
约 10页
2017-08-20 发布于河南
举报
版权申诉
保障服务

思科asa5505防火墙配置成功实例（CISCO asa5505 firewall configuration successful example）.doc

1、本文档共10页，可阅读全部内容。
2、原创力文档（book118）网站文档一经付费（服务费），不意味着购买了该文档的版权，仅供个人/单位学习、研究之用，不得用于商业用途，未经授权，严禁复制、发行、汇编、翻译或者网络传播等，侵权必究。
3、本站所有内容均由合作方或网友上传，本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺！文档内容仅供研究参考，付费前请自行鉴别。如您付费，意味着您自己接受本站规则且自行承担风险，本站不退款、不进行额外附加服务；查看《如何避免下载的几个坑》。如果您已付费下载过本站文档，您可以点击这里二次下载。
4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等，请点击“版权申诉”（推荐），也可以打举报电话：400-050-0827(电话支持时间：9:00-18:30)。

思科asa5505防火墙配置成功实例（CISCO asa5505 firewall configuration successful example）

思科asa5505防火墙配置成功实例（CISCO asa5505 firewall configuration successful example） CISCO ASA5505 firewall configuration successful example Author: jx_wangl... Article source: this site original hits: 1357 update time: 2009-12-14 Configuration requirements: 1, divided into inside (intranet), outside (external network), DMZ (safety zone) three regions. 2, the network can access the external network and DMZ server (WEB), the external network can access the DMZ server (Web). 3, Dmz server, respectively open 80, 21, 3389 ports. Explanation: because the firewall license limits no forward interface Vlan1 DMZ, the server cannot access the extranet. Specific configuration is as follows: I hope to help friends in need ASA Version 7.2 (4) ! Hostname asa5505 Enable password tDElRpQcbH/qLvnn encrypted Passwd 2KFQnbNIdI.2KYOU encrypted Names ! Interface Vlan1 NameIf outside Security-level 0 IP address extranet IP extranet mask ! Interface Vlan2 NameIf inside Security-level 100 IP address ! Interface Vlan3 No forward interface Vlan1 NameIf DMZ Security-level 50 IP address ! Interface Ethernet0/0 Description outside ! Interface Ethernet0/1 Description inside Switchport access VLAN 2 ! Interface Ethernet0/2 Description DMZ Switchport access VLAN 3 ! Interface Ethernet0/3 Description inside Switchport access VLAN 2 ! Interface Ethernet0/4 Shutdown ! Interface Ethernet0/5 Shutdown ! Interface Ethernet0/6 Shutdown ! Interface Ethernet0/7 Shutdown ! FTP mode passive Object-group service outside-to-dmz TCP Port-object EQ www Port-object EQ FTP Port-object EQ 3389 Access-list, AAA, extended, permit, TCP, any, host, extranet, IP, object-group, outside- To-dmz Access-list, BBB, extended, permit, TCP, host, , , ob, Ject-group outside-to-dmz Pager lines 24 MTU outside 1500 MTU inside 1500 MTU DMZ 1500 ICMP unreachable rate-limit 1 burst-size 1 ASDM image disk0:/asdm-524.bin No ASDM history enable ARP timeout 14400 Global (outside) 1 interface Global (DMZ) 1 172.16.1. 10-54 netmask NAT (inside)