Pix525初体验(二)之配置篇

P ix525 初体验(二)之配置篇
CISCO pix525 防火墙设有两种工作模式:一种是传统的路由模式,一种是透明模式。下面分别对两种模式进行配置 :
一, 路由模式
   ena
conf t
hostname pix525
interface ethernet 0
nameif outside
ip address 121.15.134.210 255.255.255.248
no sh
exit
interface ethernet 1
nameif inside
ip address 192.168.100.1 255.255.255.0
no sh
exit
route outside 0 0 121.15.134.209 1
nat (inside) 1 0 0
global (outside) 1 121.15.134.212
access-list out_acl permit icmp any any
access-group  out_acl in interface outside    //nat 的配置
 
static (inside,outside) 121.15.134.212 192.168.100.100
access-list yczm permit tcp any host 121.15.134.212 eq 3389
access-group yczm in interface outside       // 静态地址转换的配置
 
telnet 192.168.100.100 255.255.255.255 inside
passwd 123456                          //telnet 连接的配置
 
二, 透明模式
configure terminal
interface Ethernet0
nameif outside
no shutdown
exit
interface Ethernet1
nameif inside
no shutdown
exit
 
firewall transparent                             // 启用透明模式        
access-list out-list extended permit icmp any any      
access-list out_list extended permit tcp any host 192.168.0.220 eq 3389
access-group out-list in interface outside  
 
ip address 192.168.100.1 255.255.255.0             // 配置一个管理 ip ,用于远程连接
telnet 192.168.100.100 255.255.255.255 inside
passwd 123456
wr 

你可能感兴趣的:(职场,休闲,透明模式,防火墙配置,PIX525)