ASA和4503的配置

 本人在某学校做的ASA和4503的配置
拓朴如下:

 

asa

: Saved
: Written by enable_15 at 18:36:18.980 UTC Mon Jun 4 2007
ASA Version 7.0(6)
hostname ciscoasa
domain-name cisco.com
enable password 8Ry2YjIyt7RRXU24 encrypted
names
dns-guard
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 10.x.x.x 255.255.252.0
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.0.1 255.255.255.0
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 management-only
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
object-group service OUTGOING tcp port-object eq https
 port-object eq ftp
 port-object eq smtp
 port-object eq www
pager lines 24
logging enable
logging timestamp
logging buffered warnings
logging asdm informational
mtu management 1500
mtu outside 1500
mtu inside 1500
asdm image disk0:/asdm506.bin
no asdm history enable
arp timeout 14400
global (outside) 1 x.x.x.x-x.x.x.x netmask 255.255.252.0
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
route inside 192.168.0.0 255.255.0.0 192.168.0.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 management
http 192.168.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 192.168.0.0 255.255.0.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
dhcpd enable management
class-map inspection_default
 match default-inspection-traffic
policy-map global_policy
 class inspection_default  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet    
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp
service-policy global_policy globalCryptochecksum:78aaec6004e00a292808b06d80cd07b4
: end

4503

version 12.2
no service pad
service timestamps debug uptime
servicetimestamps log uptime
no service password-encryption
service compress-config
hostname 4503
boot-start-marker
boot-end-marker
no aaa new-model
vtp mode transparent
ip subnet-zero
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
power redundancy-mode redundant
vlan internal allocation policy ascending
vlan 10,20,30
interface GigabitEthernet1/1
 no switchport
 ip address 192.168.0.2 255.255.255.0
 speed 100
interface GigabitEthernet1/2
 switchport access vlan 10
interface GigabitEthernet1/3
 switchport access vlan 10
interface GigabitEthernet1/4
switchport access vlan 10
interface GigabitEthernet1/5
 switchport access vlan 10
interface GigabitEthernet1/6
 switchport access vlan 10
interface GigabitEthernet1/7
 switchport access vlan 10
interface GigabitEthernet1/8
switchport access vlan 10
interface GigabitEthernet1/9
 switchport access vlan 10
interface GigabitEthernet1/10
 switchport access vlan 10
interface GigabitEthernet1/11
 switchport access vlan 10
interface GigabitEthernet1/12
 switchport access vlan 10
interface GigabitEthernet1/13
 switchport access vlan 20
 no cdp enable
interface GigabitEthernet1/14
 switchport access vlan 30
 no cdp enable
interface GigabitEthernet1/15
interface GigabitEthernet1/16
interface GigabitEthernet1/17
interface GigabitEthernet1/18
interface GigabitEthernet1/19
interface GigabitEthernet1/20
interface Vlan1
 no ip address
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
interface Vlan30
 ip address 192.168.30.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.0.1
no ip http server
line con 0
 exec-timeout 0 0
 logging synchronous
 stopbits 1
line vty 0 4
 no login
end

 

 

 

 

本文出自 “上善若水威加海内” 博客,转载请与作者联系!

你可能感兴趣的:(职场,休闲,ASA和4503的配置)