Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Asa 5520

    Hochgeladen von

    Venkatesh Koppula
    12 Ansichten9 Seiten

    Originaltitel

    ASA 5520.xlsx

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    XLSX, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    © All Rights Reserved
    Als XLSX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    12 Ansichten9 Seiten

    Asa 5520

    Hochgeladen von

    Venkatesh Koppula

    Copyright:

    © All Rights Reserved
    Als XLSX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 9

    sw ASA 5520

    vlan database conf t


    vlan 50 int g0
    vlan 60 no ip add
    exit no nameif
    na security-level
    conf t no sh

    int fa1/1 int g0.50


    sw mo acc vlan 50
    sw acc vlan 50 ip add 10.1.1.1 255.255.255.0
    no sh
    int fa1/2 nameif vlan-50
    sw mo acc security-level 100
    sw acc vlan 60
    int g0.60
    int fa1/15 vlan 60
    sw mo trunk ip add 20.1.1.1 255.255.255.0
    sw trunk allowed vlan all no sh
    nameif vlan-60
    int vlan 50 security-level 100
    ip add 10.1.1.2 255.255.255.0
    no sh int g1
    ip add 30.1.1.1 255.255.255.0
    int vlan 60 no sh
    ip add 20.1.1.2 255.255.255.0 nameif outside
    no sh security-level 0
    exit
    end router eigrp 100
    wr net 10.1.1.0
    net 20.1.1.0
    net 30.1.1.0
    no auto-summary
    exit
    fixup protocol icmp
    same-security-traffic permit inter-interface

    access-list out-in extended permit icmp any any


    access-group out-in in interface outside
    end
    wr
    R1
    conf t
    int fa0/0
    ip add 30.1.1.2 255.255.255.0
    no sh
    exit
    router eigrp 100
    net 30.1.1.0
    no auto-summary
    end
    wr
    SW38 ASA 36
    Conf t Int vlan 10
    Hostname sw38 Nameif inside
    Vlan 10 Security-level 100
    Name sales Ip add 10.1.1.18 255.255.255.0
    ! No shut
    Line vty 0 15 Exit
    Password golars !
    Login Int vlan 20
    Exit Nameif outside
    ! Security-level 0
    Line con 0 Ip add 20.1.1.18 255.255.255.0
    Password golars No shut
    Login exit
    Exit !
    ! Interface Ethernet0/2
    logging syn Switchport mode access
    ! Switchport access vlan 10
    Int f0/1 Speed 100
    Switchport Duplex full
    Switchport mode access No shut
    Switchport access vlan 10 exit
    Speed 100 !
    Duplex full Router ospf 1
    no shut Network 10.1.1.0 255.255.255.0 area 0
    Exit Network 20.1.1.0 255.255.255.0 area 0
    ! !
    Int vlan 10 Interface Ethernet0/3
    Ip add 10.1.1.17 255.255.255.0 Switchport mode access
    No shut Switchport access vlan 20
    Exit Speed 100
    ! Duplex full
    Ip default-gateway 10.1.1.18 no shut
    ! !
    End Exit
    ! !

    Access-list outside-inside extended permit


    Wr icmp any any
    Access-group outside-inside in interface
    ! outside
    End
    !
    Wr
    !
    conf t
    router ospf 1
    no network 10.1.1.0 255.255.255.0 area 0
    no network 20.1.1.0 255.255.255.0 area 0
    exit
    !
    route outside 0.0.0.0 0.0.0.0 20.1.1.2
    !
    object network INSIDE-PRIVATE-IP
    host 10.1.1.17
    object network INSIDE-PUBLIC-IP
    host 20.1.1.10

    nat (inside,outside) source static INSIDE-


    PRIVATE-IP INSIDE-PUBLIC-IP
    exit
    !
    wr mem
    !
    ping 20.1.1.10

    Dynamic Nat
    !
    object network my-range
    range 20.1.1.10 20.1.1.15
    exit
    !
    object network ny-inside-net
    subnet 10.1.1.0 255.255.255.0
    nat inside,outside) dynamic my-range
    exit
    !
    Dynamic PAT
    conf t
    object network my-inside-net
    subnet 10.1.1.0 255.255.255.0
    nat (inside,outside) dynamic 20.1.1.10
    OR
    nat (inside,outside) dynamic interface
    exit
    !
    Static PAT
    conf t
    object network my-inside-ip
    host 10.1.1.17
    nat (inside,outside) static 20.1.1.10
    OR
    nat (inside,outside) static interface
    R35 R42(routed port)
    Int g0/0 Conf t
    Ip add 20.1.1.2 255.255.255.0 Int f0/0
    No shut Ip add 40.1.1.1 255.255.255.0
    ! No shut
    Int s0/3/0 exit
    Ip add 30.1.1.1 255.255.255.252 !
    No shut Int s0/1/0
    ! Ip add 30.1.1.2 255.255.255.252
    Router ospf 1 No shut
    Network 30.1.1.0 0.0.0.3 area 0 Clock rate 64000
    Network 20.1.1.0 0.0.0.255 area 0 !
    ! Router ospf 1
    end Router-id 58.58.58.58
    Wr Network 30.1.1.0 0.0.0.3 area 0
    ! Network 40.1.1.0 0.0.0.255 area 0
    !
    End
    !
    Wr
    !
    ASA 63(5510 & 5520) SW64
    Conf t Conf t
    Int e0/2 Hostname sw64
    No shut Vlan 50
    Vlan 50 Name hr
    Nameif inside !
    Security-level 100 Line vty 0 15
    Ip add 50.1.1.18 255.255.255.0 Password golars
    No shut Login
    Exit Exit
    ! !
    Int e0/1 Line con 0
    Nameif outside Password golars
    Security-level 0 Login
    Ip add 40.1.1.2 255.255.255.0 Exit
    No shut !
    exit logging syn
    ! !
    Router ospf 1 Int f0/1
    Router-id 60.60.60.60 Switchport mode access
    Network 40.1.1.0 255.255.255.0 area 0 Switchport access vlan 50
    Network 50.1.1.0 255.255.255.0 area 0 Speed 100
    ! Duplex full
    Exit No shut
    ! Exit
    Access-list outside-inside extended permit icmp any any !
    Access-group outside-inside in interface outside Int vlan 50
    End Ip add 50.1.1.17 255.255.255.0
    ! No shut
    Wr Exit
    ! !
    conf t Ip default-gateway 50.1.1.18
    router ospf 1 !
    Network 40.1.1.0 255.255.255.0 area 0 End
    no Network 50.1.1.0 255.255.255.0 area 0 !
    exit Wr

    ! !
    route ouside 0.0.0.0 0.0.0.0 40.1.1.1
    !
    nat (inside) 1 50.1.1.0 255.255.255.0
    global (outside) 1 interface
    static (inside,outside) 40.1.1.10 50.1.1.17 netmask 255.255.255.255
    exit
    !
    wr mem

    Das könnte Ihnen auch gefallen