您的位置:360文档中心› asa5520双线接入配置实例1

asa5520双线接入配置实例1

开通远程登入的命令是什么?

10.0.0.1 内网可以telnet
我想通过外网 61.175.201.80 telnet防火墙
希望各位大大帮帮忙。

具体配置如下:

ciscoasa# show ip
System IP Addresses:
Interface Name IP address Subnet mask Method
GigabitEthernet0/0 outside1 61.175.201.80 255.255.255.248 CONFIG
GigabitEthernet0/1 outside2 221.12.102.112 255.255.255.248 CONFIG
GigabitEthernet0/2 inside 10.0.0.1 255.255.240.0 CONFIG
Management0/0 management 192.168.1.1 255.255.255.0 CONFIG
Current IP Addresses:
Interface Name IP address Subnet mask Method
GigabitEthernet0/0 outside1 61.175.201.80 255.255.255.248 CONFIG
GigabitEthernet0/1 outside2 221.12.102.112 255.255.255.248 CONFIG
GigabitEthernet0/2 inside 10.0.0.1 255.255.240.0 CONFIG
Management0/0 management 192.168.1.1 255.255.255.0 CONFIG
ciscoasa# show run
: Saved
:
ASA Version 7.2(2)
!
hostname ciscoasa
enable password 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0/0
nameif outside1
security-level 0
ip address 61.175.201.80 255.255.255.248
!
interface GigabitEthernet0/1
nameif outside2
security-level 0
ip address 221.12.102.112 255.255.255.248
!
interface GigabitEthernet0/2
nameif inside
security-level 100
ip address 10.0.0.1 255.255.240.0
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list outside_access_in extended permit icmp any any
access-list mail extended permit 110 any any
access-list mail extended permit 25 any any
access-list mail extended permit icmp any any
access-list mail extended permit tcp any any eq 81
access-list dianxin extended permit ip 10.0.0.0 255.255.240.0 any
access-list test extended permit tcp any any eq smtp
access-list test extended permit icmp any any
access-list test extended permit tcp any any eq pop3
access-list test extended permit tcp any any eq 1970
access-list test extended permit tcp any any eq 1971
access-list test extended permit tcp any any eq www
access-list test extended permit tcp any any eq 5001
access-list test extended permit tcp any any eq pcanywhere-data
access-list test extended permit tcp any any eq 3389
access-list test extended permit tcp any any eq 5632
access-list test extended permit tcp any any
access-list test extended permit udp any any
access-list extended extended permit tcp any any
pager lines 24
logging asdm informational
mtu outside1 1500
mtu outside2 1500
mtu inside 1500
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside1) 1 interface
global (outside2) 2 interface
nat (inside) 2 access-list wangtong
nat (inside) 1 access-list dianxin
static (inside,outside1) tcp interface 81 10.0.0.101 81 netmask 25

5.255.255.255
static (inside,outside1) tcp interface pop3 10.0.0.101 pop3 netmask 255.255.255.255
static (inside,outside1) tcp interface smtp 10.0.0.101 smtp netmask 255.255.255.255
static (inside,outside2) tcp interface www 10.0.0.99 www netmask 255.255.255.255
static (inside,outside1) tcp interface www 10.0.0.99 www netmask 255.255.255.255
static (inside,outside1) tcp interface 1970 10.0.0.2 1970 netmask 255.255.255.255
static (inside,outside2) tcp interface 1971 10.0.0.2 1971 netmask 255.255.255.255
static (inside,outside1) tcp interface 5001 10.0.0.101 5001 netmask 255.255.255.255
static (inside,outside2) tcp interface pcanywhere-data 10.0.0.108 pcanywhere-data netmask 255.255.255.255
static (inside,outside2) tcp interface 5632 10.0.0.108 5632 netmask 255.255.255.255
static (inside,outside1) tcp interface 5632 10.0.0.108 5632 netmask 255.255.255.255
static (inside,outside1) tcp interface pcanywhere-data 10.0.0.108 pcanywhere-data netmask 255.255.255.255
static (inside,outside1) tcp interface 3389 10.0.0.108 3389 netmask 255.255.255.255
static (inside,outside2) tcp interface 1970 10.0.0.2 1970 netmask 255.255.255.255
static (inside,outside1) tcp interface 1971 10.0.0.2 1971 netmask 255.255.255.255
access-group test in interface outside1
access-group test in interface outside2
route outside1 0.0.0.0 0.0.0.0 61.175.223.89 1
route outside2 58.16.0.0 255.255.0.0 221.12.104.113 1
route outside2 58.17.0.0 255.255.128.0 221.12.104.113 1
route outside2 58.17.128.0 255.255.128.0 221.12.104.113 1
route outside2 58.18.0.0 255.255.0.0 221.12.104.113 1
route outside2 58.19.0.0 255.255.0.0 221.12.104.113 1
route outside2 58.20.0.0 255.255.0.0 221.12.104.113 1
route outside2 58.21.0.0 255.255.0.0 221.12.104.113 1
route outside2 58.22.0.0 255.254.0.0 221.12.104.113 1
route outside2 58.240.0.0 255.254.0.0 221.12.104.113 1
route outside2 58.242.0.0 255.254.0.0 221.12.104.113 1
route outside2 58.244.0.0 255.254.0.0 221.12.104.113 1
route outside2 58.246.0.0 255.254.0.0 221.12.104.113 1
route outside2 58.248.0.0 255.248.0.0 221.12.104.113 1
route outside2 60.0.0.0 255.248.0.0 221.12.104.113 1
route outside2 60.8.0.0 255.254.0.0 221.12.104.113 1
route outside2 60.10.0.0 255.255.0.0 221.12.104.113 1
route outside2 60.11.0.0 255.255.0.0 221.12.104.113 1
route outside2 60.12.0.0 255.255.0.0 221.12.104.113 1
route outside2 60.13.0.0 255.255.192.0 221.12.104.113 1
route outside2 60.13.64.0 255.255.192.0 221.12.104.113 1
route outside2 60.13.128.0 255.255.128.0 221.12.104.113 1
route outside2 60.14.0.0 255.254.0.0 221.12.104.113 1
route outside2 60.16.0.0 255.248.0.0 221.12.104.113 1
route outside2 60.24.0.0 255.252.0.0 221.12.104.113 1
route outside2 60.28.0.0 255.254.0.0 221.12.104.113 1
route outside2 60.30.0.0 255.255.0.0 221.12.104.113 1
route outside2 60.31.0.0 255.255.0.0 221.12.104.113 1
route outside2 60.208.0.0 255.248.0.0 221.12.104.113 1
route outside2 60.216.0.0 255.254.0.0 221.12.104.113 1
route

outside2 60.218.0.0 255.254.0.0 221.12.104.113 1
route outside2 60.220.0.0 255.252.0.0 221.12.104.113 1
route outside2 61.48.0.0 255.252.0.0 221.12.104.113 1
route outside2 61.52.0.0 255.254.0.0 221.12.104.113 1
route outside2 61.54.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.55.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.133.0.0 255.255.128.0 221.12.104.113 1
route outside2 61.134.96.0 255.255.224.0 221.12.104.113 1
route outside2 61.134.128.0 255.255.192.0 221.12.104.113 1
route outside2 61.134.192.0 255.255.192.0 221.12.104.113 1
route outside2 61.135.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.136.0.0 255.255.192.0 221.12.104.113 1
route outside2 61.136.64.0 255.255.192.0 221.12.104.113 1
route outside2 61.137.128.0 255.255.128.0 221.12.104.113 1
route outside2 61.138.0.0 255.255.192.0 221.12.104.113 1
route outside2 61.138.64.0 255.255.192.0 221.12.104.113 1
route outside2 61.138.128.0 255.255.192.0 221.12.104.113 1
route outside2 61.139.128.0 255.255.192.0 221.12.104.113 1
route outside2 61.148.0.0 255.254.0.0 221.12.104.113 1
route outside2 61.156.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.158.0.0 255.255.128.0 221.12.104.113 1
route outside2 61.158.128.0 255.255.128.0 221.12.104.113 1
route outside2 61.159.0.0 255.255.192.0 221.12.104.113 1
route outside2 61.161.0.0 255.255.192.0 221.12.104.113 1
route outside2 61.161.128.0 255.255.128.0 221.12.104.113 1
route outside2 61.162.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.163.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.167.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.168.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.176.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.179.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.180.128.0 255.255.128.0 221.12.104.113 1
route outside2 61.181.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.182.0.0 255.255.0.0 221.12.104.113 1
route outside2 61.189.0.0 255.255.128.0 221.12.104.113 1
route outside2 116.2.0.0 255.254.0.0 221.12.104.113 1
route outside2 121.16.0.0 255.248.0.0 221.12.104.113 1
route outside2 121.24.0.0 255.252.0.0 221.12.104.113 1
route outside2 121.30.0.0 255.255.0.0 221.12.104.113 1
route outside2 121.31.0.0 255.255.0.0 221.12.104.113 1
route outside2 122.136.0.0 255.248.0.0 221.12.104.113 1
route outside2 122.156.0.0 255.252.0.0 221.12.104.113 1
route outside2 122.192.0.0 255.252.0.0 221.12.104.113 1
route outside2 122.198.0.0 255.255.0.0 221.12.104.113 1
route outside2 123.4.0.0 255.252.0.0 221.12.104.113 1
route outside2 123.8.0.0 255.248.0.0 221.12.104.113 1
route outside2 123.112.0.0 255.240.0.0 221.12.104.113 1
route outside2 123.128.0.0 255.248.0.0 221.12.104.113 1
route outside2 123.138.0.0 255.254.0.0 221.12.104.113 1
route outside2 123.144.0.0 255.252.0.0 221.12.104.113 1
route outside2 123.148.0.0 255.255.0.0 221.12.104.113 1
route outside2 123.152.0.0 255.248.0.0 221.12.104.113 1
route outside2 123.188.0.0 255.252.

0.0 221.12.104.113 1
route outside2 123.232.0.0 255.252.0.0 221.12.104.113 1
route outside2 124.64.0.0 255.254.0.0 221.12.104.113 1
route outside2 124.66.0.0 255.255.128.0 221.12.104.113 1
route outside2 124.67.0.0 255.255.0.0 221.12.104.113 1
route outside2 124.88.0.0 255.255.0.0 221.12.104.113 1
route outside2 124.89.0.0 255.255.128.0 221.12.104.113 1
route outside2 124.89.128.0 255.255.128.0 221.12.104.113 1
route outside2 124.90.0.0 255.254.0.0 221.12.104.113 1
route outside2 124.92.0.0 255.252.0.0 221.12.104.113 1
route outside2 124.128.0.0 255.248.0.0 221.12.104.113 1
route outside2 124.160.0.0 255.255.0.0 221.12.104.113 1
route outside2 124.161.0.0 255.255.0.0 221.12.104.113 1
route outside2 124.162.0.0 255.255.0.0 221.12.104.113 1
route outside2 124.163.0.0 255.255.0.0 221.12.104.113 1
route outside2 124.164.0.0 255.252.0.0 221.12.104.113 1
route outside2 125.32.0.0 255.255.0.0 221.12.104.113 1
route outside2 125.33.0.0 255.255.0.0 221.12.104.113 1
route outside2 125.34.0.0 255.255.0.0 221.12.104.113 1
route outside2 125.35.0.0 255.255.128.0 221.12.104.113 1
route outside2 125.35.128.0 255.255.128.0 221.12.104.113 1
route outside2 125.36.0.0 255.252.0.0 221.12.104.113 1
route outside2 125.40.0.0 255.248.0.0 221.12.104.113 1
route outside2 125.211.0.0 255.255.0.0 221.12.104.113 1
route outside2 202.96.0.0 255.255.192.0 221.12.104.113 1
route outside2 202.96.64.0 255.255.248.0 221.12.104.113 1
route outside2 202.96.72.0 255.255.248.0 221.12.104.113 1
route outside2 202.96.80.0 255.255.240.0 221.12.104.113 1
route outside2 202.97.128.0 255.255.192.0 221.12.104.113 1
route outside2 202.97.192.0 255.255.224.0 221.12.104.113 1
route outside2 202.97.224.0 255.255.248.0 221.12.104.113 1
route outside2 202.97.232.0 255.255.248.0 221.12.104.113 1
route outside2 202.97.240.0 255.255.240.0 221.12.104.113 1
route outside2 202.98.0.0 255.255.248.0 221.12.104.113 1
route outside2 202.98.8.0 255.255.248.0 221.12.104.113 1
route outside2 202.98.16.0 255.255.240.0 221.12.104.113 1
route outside2 202.99.0.0 255.255.192.0 221.12.104.113 1
route outside2 202.99.64.0 255.255.224.0 221.12.104.113 1
route outside2 202.99.96.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.104.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.112.0 255.255.240.0 221.12.104.113 1
route outside2 202.99.128.0 255.255.224.0 221.12.104.113 1
route outside2 202.99.160.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.168.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.176.0 255.255.240.0 221.12.104.113 1
route outside2 202.99.192.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.200.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.208.0 255.255.240.0 221.12.104.113 1
route outside2 202.99.224.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.232.0 255.255.248.0 221.12.104.113 1
route outside2 202.99.240.0 255.255.240.0 221.12.104.113 1
route outside2 202.102.128.0 255.255.248.0 221.12.104.113 1
r

oute outside2 202.102.136.0 255.255.248.0 221.12.104.113 1
route outside2 202.102.144.0 255.255.240.0 221.12.104.113 1
route outside2 202.102.160.0 255.255.224.0 221.12.104.113 1
route outside2 202.102.224.0 255.255.248.0 221.12.104.113 1
route outside2 202.102.232.0 255.255.248.0 221.12.104.113 1
route outside2 202.102.240.0 255.255.240.0 221.12.104.113 1
route outside2 202.106.0.0 255.255.0.0 221.12.104.113 1
route outside2 202.107.0.0 255.255.128.0 221.12.104.113 1
route outside2 202.108.0.0 255.255.0.0 221.12.104.113 1
route outside2 202.110.0.0 255.255.192.0 221.12.104.113 1
route outside2 202.110.64.0 255.255.192.0 221.12.104.113 1
route outside2 202.110.192.0 255.255.192.0 221.12.104.113 1
route outside2 202.111.128.0 255.255.224.0 221.12.104.113 1
route outside2 202.111.160.0 255.255.224.0 221.12.104.113 1
route outside2 203.93.8.0 255.255.255.0 221.12.104.113 1
route outside2 203.93.9.0 255.255.255.0 221.12.104.113 1
route outside2 203.93.10.0 255.255.254.0 221.12.104.113 1
route outside2 203.93.12.0 255.255.252.0 221.12.104.113 1
route outside2 203.93.16.0 255.255.240.0 221.12.104.113 1
route outside2 203.93.32.0 255.255.224.0 221.12.104.113 1
route outside2 203.93.64.0 255.255.192.0 221.12.104.113 1
route outside2 203.93.128.0 255.255.248.0 221.12.104.113 1
route outside2 203.93.136.0 255.255.252.0 221.12.104.113 1
route outside2 203.93.140.0 255.255.255.0 221.12.104.113 1
route outside2 203.93.141.0 255.255.255.0 221.12.104.113 1
route outside2 203.93.142.0 255.255.254.0 221.12.104.113 1
route outside2 203.93.144.0 255.255.240.0 221.12.104.113 1
route outside2 203.93.160.0 255.255.224.0 221.12.104.113 1
route outside2 203.93.192.0 255.255.192.0 221.12.104.113 1
route outside2 210.13.128.0 255.255.128.0 221.12.104.113 1
route outside2 210.14.160.0 255.255.224.0 221.12.104.113 1
route outside2 210.14.192.0 255.255.224.0 221.12.104.113 1
route outside2 210.14.224.0 255.255.224.0 221.12.104.113 1
route outside2 210.15.32.0 255.255.224.0 221.12.104.113 1
route outside2 210.15.64.0 255.255.224.0 221.12.104.113 1
route outside2 210.15.96.0 255.255.224.0 221.12.104.113 1
route outside2 210.15.128.0 255.255.192.0 221.12.104.113 1
route outside2 210.21.0.0 255.255.128.0 221.12.104.113 1
route outside2 210.21.128.0 255.255.128.0 221.12.104.113 1
route outside2 210.22.0.0 255.255.0.0 221.12.104.113 1
route outside2 210.51.0.0 255.255.0.0 221.12.104.113 1
route outside2 210.52.0.0 255.255.192.0 221.12.104.113 1
route outside2 210.52.64.0 255.255.192.0 221.12.104.113 1
route outside2 210.52.128.0 255.255.128.0 221.12.104.113 1
route outside2 210.53.0.0 255.255.128.0 221.12.104.113 1
route outside2 210.53.128.0 255.255.128.0 221.12.104.113 1
route outside2 210.74.96.0 255.255.224.0 221.12.104.113 1
route outside2 210.74.128.0 255.255.224.0 221.12.104.113 1
route outside2 210.78.0.0 255.255.224.0 221.12.104.113 1
route outside2 210.82.0.0 255.254.0.0 221.12.104.113 1
route outside2 211.144.0.0 255.254

.0.0 221.12.104.113 1
route outside2 218.7.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.10.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.11.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.12.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.21.128.0 255.255.128.0 221.12.104.113 1
route outside2 218.24.0.0 255.254.0.0 221.12.104.113 1
route outside2 218.26.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.27.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.28.0.0 255.254.0.0 221.12.104.113 1
route outside2 218.56.0.0 255.252.0.0 221.12.104.113 1
route outside2 218.60.0.0 255.254.0.0 221.12.104.113 1
route outside2 218.62.0.0 255.255.128.0 221.12.104.113 1
route outside2 218.67.128.0 255.255.128.0 221.12.104.113 1
route outside2 218.68.0.0 255.254.0.0 221.12.104.113 1
route outside2 218.104.0.0 255.255.128.0 221.12.104.113 1
route outside2 218.104.128.0 255.255.224.0 221.12.104.113 1
route outside2 218.104.160.0 255.255.224.0 221.12.104.113 1
route outside2 218.104.192.0 255.255.248.0 221.12.104.113 1
route outside2 218.104.200.0 255.255.248.0 221.12.104.113 1
route outside2 218.104.208.0 255.255.240.0 221.12.104.113 1
route outside2 218.104.224.0 255.255.224.0 221.12.104.113 1
route outside2 218.105.0.0 255.255.0.0 221.12.104.113 1
route outside2 218.106.0.0 255.254.0.0 221.12.104.113 1
route outside2 219.154.0.0 255.254.0.0 221.12.104.113 1
route outside2 219.156.0.0 255.254.0.0 221.12.104.113 1
route outside2 219.158.0.0 255.255.128.0 221.12.104.113 1
route outside2 219.158.128.0 255.255.128.0 221.12.104.113 1
route outside2 219.159.0.0 255.255.192.0 221.12.104.113 1
route outside2 219.232.0.0 255.252.0.0 221.12.104.113 1
route outside2 220.248.0.0 255.252.0.0 221.12.104.113 1
route outside2 220.252.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.0.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.2.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.3.0.0 255.255.128.0 221.12.104.113 1
route outside2 221.3.128.0 255.255.128.0 221.12.104.113 1
route outside2 221.4.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.5.0.0 255.255.128.0 221.12.104.113 1
route outside2 221.5.128.0 255.255.128.0 221.12.104.113 1
route outside2 221.6.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.7.0.0 255.255.224.0 221.12.104.113 1
route outside2 221.7.32.0 255.255.224.0 221.12.104.113 1
route outside2 221.7.64.0 255.255.224.0 221.12.104.113 1
route outside2 221.7.96.0 255.255.224.0 221.12.104.113 1
route outside2 221.7.128.0 255.255.128.0 221.12.104.113 1
route outside2 221.8.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.10.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.11.0.0 255.255.128.0 221.12.104.113 1
route outside2 221.11.128.0 255.255.192.0 221.12.104.113 1
route outside2 221.11.192.0 255.255.224.0 221.12.104.113 1
route outside2 221.11.224.0 255.255.224.0 221.12.104.113 1
route outside2 221.12.0.0 255.255.128.0 221.12.104.113 1
route outside2 221.12.128.0 255.

255.192.0 221.12.104.113 1
route outside2 221.13.0.0 255.255.192.0 221.12.104.113 1
route outside2 221.13.64.0 255.255.224.0 221.12.104.113 1
route outside2 221.13.96.0 255.255.224.0 221.12.104.113 1
route outside2 221.8.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.13.128.0 255.255.128.0 221.12.104.113 1
route outside2 221.14.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.192.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.194.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.195.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.196.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.198.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.199.0.0 255.255.224.0 221.12.104.113 1
route outside2 221.199.32.0 255.255.240.0 221.12.104.113 1
route outside2 221.199.48.0 255.255.240.0 221.12.104.113 1
route outside2 221.199.64.0 255.255.192.0 221.12.104.113 1
route outside2 221.199.128.0 255.255.192.0 221.12.104.113 1
route outside2 221.199.192.0 255.255.240.0 221.12.104.113 1
route outside2 221.199.224.0 255.255.224.0 221.12.104.113 1
route outside2 221.200.0.0 255.252.0.0 221.12.104.113 1
route outside2 221.204.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.206.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.207.0.0 255.255.192.0 221.12.104.113 1
route outside2 221.207.64.0 255.255.192.0 221.12.104.113 1
route outside2 221.207.128.0 255.255.128.0 221.12.104.113 1
route outside2 221.208.0.0 255.252.0.0 221.12.104.113 1
route outside2 221.212.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.213.0.0 255.255.0.0 221.12.104.113 1
route outside2 221.214.0.0 255.254.0.0 221.12.104.113 1
route outside2 221.216.0.0 255.248.0.0 221.12.104.113 1
route outside2 222.128.0.0 255.252.0.0 221.12.104.113 1
route outside2 222.132.0.0 255.252.0.0 221.12.104.113 1
route outside2 222.136.0.0 255.248.0.0 221.12.104.113 1
route outside2 222.160.0.0 255.254.0.0 221.12.104.113 1
route outside2 222.162.0.0 255.255.0.0 221.12.104.113 1
route outside2 222.163.0.0 255.255.224.0 221.12.104.113 1
route outside2 222.163.32.0 255.255.224.0 221.12.104.113 1
route outside2 222.163.64.0 255.255.192.0 221.12.104.113 1
route outside2 222.163.128.0 255.255.128.0 221.12.104.113 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
username cisco password 3USUcOPFUiMCO4Jk encrypted
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside1
ssh 0.0.0.0 0.0.0.0 outside2
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
!
!
prompt ho

stname context
Cryptochecksum:54f7aed252328c48857dbdb9104b2481
: end yonx 2007-10-23 13:51

需要通过SSH(和telnet差不多,不过是加密的,安全些)

Cisco PIX的SSH配置如下:

注:首先进入特权模式PIX(config)#

第一步:

username cisco password cisco //创立远程登录帐户,可任意配置。

第二步:

hostname pixfirewall //配置PIX的主机名,可任意配置。

第三步:

domain-name https://www.360docs.net/doc/024503041.html, // 配置PIX的域名,可任意配置并不影响SSH的使用,以上这两个参数只是供产生SSH KEY时使用。

第四步:

ca gen rsa key 1024 // 产生1024位的rsa密钥。

第五步:

ssh 172.18.124.114 255.255.255.255 outside// 指定可以从外网口以SSH方式telnet PIX的主机IP地址。

第六步:

ssh timeout 10 // 配置SSH会话的超时时间,以秒为单位,可选。

第七步:

passwd cisco // 配置SSH访问的口令,可任意配置。

第八步:

ca save all // 很重要!!保存RSA密钥。否则PIX防火墙重启之后,RSA密钥会丢失。

第九步:wr m //保存当前配置。

第十步:

aaa authentication ssh console local //认证方式采用本地方式,也可以用RADIUS/TACACS+进行认证。

SSH客户端配置如下:

Microsoft Windows平台下有很多种SSH客户端的选择,常用的是putty(A Free Telnet/SSH Client),特点简单易用。当然也可以选用SecureCRT 4.0或其它同类软件。putty最新的版本可以到下面的网页下载:[url]https://www.360docs.net/doc/024503041.html,/~sgtatham/putty/[/url]。

第一步:设定参数


第二步:设定主机和端口


点击“open”按钮。

第三步:在弹出的登录窗口输入用户名和口令。



检查命令如下:

show run //查看当前运行配置,其实和启动配置相同。

show ca mypubkey rsa //查看本地生成的公钥。

sh ssh session //查看SSH会话。

相关主题
相关文档
最新文档