clear config all
nterface Ethernet0
address
218.1.1.1 255.255.255.252
nameif outside
no shut
int e1
ip add 192.168.1.1 255.255.255.0
nameif inside
no shut
exit
route outside 0 0 218.1.1.2
route inside 192.168.0.0 255.255.0.0 192.168.1.2
nat (inside) 1 192.168.0.0 255.255.0.0
global (outside) 1 interface
access-list outside-filter permit icmp
access-group outside-filter in interface outside
access-list inside-filter permit udp any any eq 4500
access-list inside-filter deny udp any any gt 1024
access-list inside-filter extended permit ip any any
access-group inside-filter in int inside
telnet 0.0.0.0 0.0.0.0 inside
ssh 0 0 outside
crypto key generate rsa
asa5505稍 有不同:
interface Vlan2
nameif outside
security-level 0
ip address 218.1.1.1 255.255.255.252
interface Vlan3
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
int e0/0
sw mode acc
sw acc vlan 2
ine e0/1
sw mode acc
sw acc vlan 3
ip address 192.168.0.1 255.255.255.0
文章转载至