Cisco asa 5505 和 asa 5510 ipsec vpn

asa5510# show run : Saved : ASA Version 8.0(2) ! hostname asa5510 domain-name 1cisco.com.cn enable password FgQ836L.2fG/AEir encrypted names dns-guard ! interface Ethernet0/0 nameif outside security-level 0 ip address x.x.x.22 255.255.255.

asa5510# show run
: Saved
:
ASA Version 8.0(2)
!
hostname asa5510
domain-name 1cisco.com.cn
enable password FgQ836L.2fG/AEir encrypted
names
dns-guard
!
interface Ethernet0/0
nameif outside
security-level 0
ip address x.x.x.22 255.255.255.248
!
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
nameif management
security-level 100
ip address 1.1.1.1 255.255.255.0
management-only
!
passwd WXjstPgDOxFTLAaA encrypted
ftp mode passive
dns server-group DefaultDNS
domain-name 1cisco.com.cn
object-group network Public
network-object host 192.168.1.2
network-object host 192.168.1.3
network-object host 192.168.1.4
network-object host 192.168.1.5
network-object host 192.168.1.6
network-object host 192.168.1.7
network-object 192.168.1.12 255.255.255.255
network-object 192.168.1.8 255.255.255.255
network-object 192.168.1.250 255.255.255.255
network-object 192.168.1.245 255.255.255.255
network-object 192.168.1.34 255.255.255.255
network-object 192.168.1.134 255.255.255.255
network-object host 192.168.1.46
access-list 102 extended permit tcp any host 192.168.1.8 eq smtp
access-list 102 extended permit tcp any host 192.168.1.8 eq 135
access-list 102 extended permit tcp any host 192.168.1.8 eq imap4
access-list 102 extended permit tcp any host 192.168.1.8 eq pop3
access-list 102 extended permit icmp any any
access-list 102 extended permit ip any any
access-list 100 extended permit ip 192.168.1.0 255.255.255.0 192.168.101.0 255.255.255.0
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 192.168.101.0 255.255.255.0
pager lines 24
logging enable
logging monitor debugging
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-602.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 192.168.1.0 255.255.255.0
access-group 102 in interface outside
route outside 0.0.0.0 0.0.0.0 x.x.x.211 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set myset esp-3des esp-sha-hmac
crypto map outside_map 20 match address 100
crypto map outside_map 20 set peer x.x.x.3
crypto map outside_map 20 set transform-set myset
crypto map outside_map interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 30
ssh version 2
console timeout 0
dhcpd dns 192.168.1.2
!
threat-detection basic-threat
threat-detection statistics host
threat-detection statistics access-list
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect esmtp
!
service-policy global_policy global
username cisco password W0ATeFBkCO3ErmVn encrypted privilege 15
tunnel-group x.x.x.3 type ipsec-l2l
tunnel-group x.x.x.3 ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:8eaf5e991c9b33fc2ccbe760ed1262eb
: end
asa5510#

BT无线网络破解教程

asa5505# show run
: Saved
:
ASA Version 8.0(3)6
!
hostname asa5505
domain-name 2cisco.com
enable password PVSASRJovmamnVkD encrypted
passwd PVSASRJovmamnVkD encrypted
names
!
interface Vlan2
nameif outside
security-level 0
ip address x.x.x.3 255.255.255.0
ospf cost 10
!
interface Vlan3
nameif inside
security-level 100
ip address 192.168.101.1 255.255.255.0
ospf cost 10
!
interface Ethernet0/0
switchport access vlan 3
!BT4
interface Ethernet0/1
switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
clock timezone GMT 0
dns server-group 123
dns server-group DefaultDNS
domain-name 2cisco.com
access-list 101 extended permit icmp any any
access-list 101 extended permit ip any any
access-list 101 extended permit tcp any host 192.168.1.8 eq 3389
access-list 100 extended permit ip 192.168.101.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list nonat extended permit ip 192.168.101.0 255.255.255.0 192.168.1.0 255.255.255.0
pager lines 24
logging enable
logging monitor debugging
logging asdm informational
mtu outside 1500思科学习视频资料下载中心
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-602.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 192.168.101.0 255.255.255.0
access-group 101 in interface outside
route outside 0.0.0.0 0.0.0.0 x.x.x.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location思科路由器配置
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set myset esp-3des esp-sha-hmac
crypto map outside_map 20 match address 100
crypto map outside_map 20 set peer x.x.x.22

crypto map outside_map 20 set transform-set myset
crypto map outside_map interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2思科路由器
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 30
ssh version 2
console timeout 0
dhcpd address 192.168.101.2-192.168.101.33 inside
dhcpd dns 168.95.1.1 interface inside
dhcpd enable inside
!

threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
username admin password eY/fQXw7Ure8Qrz7 encrypted privilege 15
tunnel-group x.x.x.22 type ipsec-l2l
tunnel-group x.x.x.22 ipsec-attributes
pre-shared-key *
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters思科路由器交换机模拟软件
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:1d450a0a7194d182bf892fc9de2e12f4
: end

linux 系统 思科论坛 Cisco
张sir CCIE R&S v4.0 课程视频总集 Linux论坛
Cisco N7K 的硬件架构 Cisco R&S N4 版本解密视频分享 CCIE Security 2009 IOS防火墙合集
http://bbs.net527.cn/forum-26-1.html
http://www.net527.cn/a/luyoujiaohuan/index.html
http://www.net527.com

http://linux.net527.cn/index.html

郑重声明:本文版权包含图片归原作者所有,转载文章仅为传播更多信息之目的,如作者信息标记有误,请第一时间联系我们(delete@yzlfxy.com)修改或删除,多谢。

郑重声明:本文版权归原作者所有,转载文章仅为传播更多信息之目的,如作者信息标记有误,请第一时间联系我们修改或删除,多谢。

留言与评论(共有 0 条评论)
昵称:
匿名发表
   
验证码: