asa5520双线接入配置实例1_动视

asa5520双线接入配置实例1

2025-10-05 16:06:37 责编:小OO

点击下载本文 文档为doc格式

开通远程登入的命令是什么？

10.0.0.1 内网可以telnet

我想通过 61.175.201.80 telnet防火墙

希望各位大大帮帮忙。

具体配置如下：

ciscoasa# show ip

System IP Addresses:

Interface Name IP address Subnet mask Method

GigabitEthernet0/0 outside1 61.175.201.80 255.255.255.248 CONFIG

GigabitEthernet0/1 outside2 221.12.102.112 255.255.255.248 CONFIG

GigabitEthernet0/2 inside 10.0.0.1 255.255.240.0 CONFIG

Management0/0 management 192.168.1.1 255.255.255.0 CONFIG

Current IP Addresses:

Interface Name IP address Subnet mask Method

GigabitEthernet0/0 outside1 61.175.201.80 255.255.255.248 CONFIG

GigabitEthernet0/1 outside2 221.12.102.112 255.255.255.248 CONFIG

GigabitEthernet0/2 inside 10.0.0.1 255.255.240.0 CONFIG

Management0/0 management 192.168.1.1 255.255.255.0 CONFIG

ciscoasa# show run

: Saved

ASA Version 7.2(2)

hostname ciscoasa

enable password 2KFQnbNIdI.2KYOU encrypted

names

interface GigabitEthernet0/0

nameif outside1

security-level 0

ip address 61.175.201.80 255.255.255.248

interface GigabitEthernet0/1

nameif outside2

security-level 0

ip address 221.12.102.112 255.255.255.248

interface GigabitEthernet0/2

nameif inside

security-level 100

ip address 10.0.0.1 255.255.240.0

interface GigabitEthernet0/3

shutdown

no nameif

no security-level

no ip address

interface Management0/0

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0

management-only

passwd 2KFQnbNIdI.2KYOU encrypted

ftp mode passive

access-list outside_access_in extended permit icmp any any

access-list mail extended permit 110 any any

access-list mail extended permit 25 any any

access-list mail extended permit icmp any any

access-list mail extended permit tcp any any eq 81

access-list dianxin extended permit ip 10.0.0.0 255.255.240.0 any

access-list test extended permit tcp any any eq smtp

access-list test extended permit icmp any any

access-list test extended permit tcp any any eq pop3

access-list test extended permit tcp any any eq 1970

access-list test extended permit tcp any any eq 1971

access-list test extended permit tcp any any eq www

access-list test extended permit tcp any any eq 5001

access-list test extended permit tcp any any eq pcanywhere-data

access-list test extended permit tcp any any eq 33

access-list test extended permit tcp any any eq 5632

access-list test extended permit tcp any any

access-list test extended permit udp any any

access-list extended extended permit tcp any any

pager lines 24

logging asdm informational

mtu outside1 1500

mtu outside2 1500

mtu inside 1500

mtu management 1500

no failover

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

global (outside1) 1 interface

global (outside2) 2 interface

nat (inside) 2 access-list wangtong

nat (inside) 1 access-list dianxin

static (inside,outside1) tcp interface 81 10.0.0.101 81 netmask 25

5.255.255.255

static (inside,outside1) tcp interface pop3 10.0.0.101 pop3 netmask 255.255.255.255

static (inside,outside1) tcp interface smtp 10.0.0.101 smtp netmask 255.255.255.255

static (inside,outside2) tcp interface www 10.0.0.99 www netmask 255.255.255.255

static (inside,outside1) tcp interface www 10.0.0.99 www netmask 255.255.255.255

static (inside,outside1) tcp interface 1970 10.0.0.2 1970 netmask 255.255.255.255

static (inside,outside2) tcp interface 1971 10.0.0.2 1971 netmask 255.255.255.255

static (inside,outside1) tcp interface 5001 10.0.0.101 5001 netmask 255.255.255.255

static (inside,outside2) tcp interface pcanywhere-data 10.0.0.108 pcanywhere-data netmask 255.255.255.255

static (inside,outside2) tcp interface 5632 10.0.0.108 5632 netmask 255.255.255.255

static (inside,outside1) tcp interface 5632 10.0.0.108 5632 netmask 255.255.255.255

static (inside,outside1) tcp interface pcanywhere-data 10.0.0.108 pcanywhere-data netmask 255.255.255.255

static (inside,outside1) tcp interface 33 10.0.0.108 33 netmask 255.255.255.255

static (inside,outside2) tcp interface 1970 10.0.0.2 1970 netmask 255.255.255.255

static (inside,outside1) tcp interface 1971 10.0.0.2 1971 netmask 255.255.255.255

access-group test in interface outside1

access-group test in interface outside2

route outside1 0.0.0.0 0.0.0.0 61.175.223. 1

route outside2 58.16.0.0 255.255.0.0 221.12.104.113 1

route outside2 58.17.0.0 255.255.128.0 221.12.104.113 1

route outside2 58.17.128.0 255.255.128.0 221.12.104.113 1

route outside2 58.18.0.0 255.255.0.0 221.12.104.113 1

route outside2 58.19.0.0 255.255.0.0 221.12.104.113 1

route outside2 58.20.0.0 255.255.0.0 221.12.104.113 1

route outside2 58.21.0.0 255.255.0.0 221.12.104.113 1

route outside2 58.22.0.0 255.254.0.0 221.12.104.113 1

route outside2 58.240.0.0 255.254.0.0 221.12.104.113 1

route outside2 58.242.0.0 255.254.0.0 221.12.104.113 1

route outside2 58.244.0.0 255.254.0.0 221.12.104.113 1

route outside2 58.246.0.0 255.254.0.0 221.12.104.113 1

route outside2 58.248.0.0 255.248.0.0 221.12.104.113 1

route outside2 60.0.0.0 255.248.0.0 221.12.104.113 1

route outside2 60.8.0.0 255.254.0.0 221.12.104.113 1

route outside2 60.10.0.0 255.255.0.0 221.12.104.113 1

route outside2 60.11.0.0 255.255.0.0 221.12.104.113 1

route outside2 60.12.0.0 255.255.0.0 221.12.104.113 1

route outside2 60.13.0.0 255.255.192.0 221.12.104.113 1

route outside2 60.13..0 255.255.192.0 221.12.104.113 1

route outside2 60.13.128.0 255.255.128.0 221.12.104.113 1

route outside2 60.14.0.0 255.254.0.0 221.12.104.113 1

route outside2 60.16.0.0 255.248.0.0 221.12.104.113 1

route outside2 60.24.0.0 255.252.0.0 221.12.104.113 1

route outside2 60.28.0.0 255.254.0.0 221.12.104.113 1

route outside2 60.30.0.0 255.255.0.0 221.12.104.113 1

route outside2 60.31.0.0 255.255.0.0 221.12.104.113 1

route outside2 60.208.0.0 255.248.0.0 221.12.104.113 1

route outside2 60.216.0.0 255.254.0.0 221.12.104.113 1

route

outside2 60.218.0.0 255.254.0.0 221.12.104.113 1

route outside2 60.220.0.0 255.252.0.0 221.12.104.113 1

route outside2 61.48.0.0 255.252.0.0 221.12.104.113 1

route outside2 61.52.0.0 255.254.0.0 221.12.104.113 1

route outside2 61.54.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.55.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.133.0.0 255.255.128.0 221.12.104.113 1

route outside2 61.134.96.0 255.255.224.0 221.12.104.113 1

route outside2 61.134.128.0 255.255.192.0 221.12.104.113 1

route outside2 61.134.192.0 255.255.192.0 221.12.104.113 1

route outside2 61.135.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.136.0.0 255.255.192.0 221.12.104.113 1

route outside2 61.136..0 255.255.192.0 221.12.104.113 1

route outside2 61.137.128.0 255.255.128.0 221.12.104.113 1

route outside2 61.138.0.0 255.255.192.0 221.12.104.113 1

route outside2 61.138..0 255.255.192.0 221.12.104.113 1

route outside2 61.138.128.0 255.255.192.0 221.12.104.113 1

route outside2 61.139.128.0 255.255.192.0 221.12.104.113 1

route outside2 61.148.0.0 255.254.0.0 221.12.104.113 1

route outside2 61.156.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.158.0.0 255.255.128.0 221.12.104.113 1

route outside2 61.158.128.0 255.255.128.0 221.12.104.113 1

route outside2 61.159.0.0 255.255.192.0 221.12.104.113 1

route outside2 61.161.0.0 255.255.192.0 221.12.104.113 1

route outside2 61.161.128.0 255.255.128.0 221.12.104.113 1

route outside2 61.162.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.163.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.167.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.168.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.176.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.179.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.180.128.0 255.255.128.0 221.12.104.113 1

route outside2 61.181.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.182.0.0 255.255.0.0 221.12.104.113 1

route outside2 61.1.0.0 255.255.128.0 221.12.104.113 1

route outside2 116.2.0.0 255.254.0.0 221.12.104.113 1

route outside2 121.16.0.0 255.248.0.0 221.12.104.113 1

route outside2 121.24.0.0 255.252.0.0 221.12.104.113 1

route outside2 121.30.0.0 255.255.0.0 221.12.104.113 1

route outside2 121.31.0.0 255.255.0.0 221.12.104.113 1

route outside2 122.136.0.0 255.248.0.0 221.12.104.113 1

route outside2 122.156.0.0 255.252.0.0 221.12.104.113 1

route outside2 122.192.0.0 255.252.0.0 221.12.104.113 1

route outside2 122.198.0.0 255.255.0.0 221.12.104.113 1

route outside2 123.4.0.0 255.252.0.0 221.12.104.113 1

route outside2 123.8.0.0 255.248.0.0 221.12.104.113 1

route outside2 123.112.0.0 255.240.0.0 221.12.104.113 1

route outside2 123.128.0.0 255.248.0.0 221.12.104.113 1

route outside2 123.138.0.0 255.254.0.0 221.12.104.113 1

route outside2 123.144.0.0 255.252.0.0 221.12.104.113 1

route outside2 123.148.0.0 255.255.0.0 221.12.104.113 1

route outside2 123.152.0.0 255.248.0.0 221.12.104.113 1

route outside2 123.188.0.0 255.252.

0.0 221.12.104.113 1

route outside2 123.232.0.0 255.252.0.0 221.12.104.113 1

route outside2 124..0.0 255.254.0.0 221.12.104.113 1

route outside2 124.66.0.0 255.255.128.0 221.12.104.113 1

route outside2 124.67.0.0 255.255.0.0 221.12.104.113 1

route outside2 124.88.0.0 255.255.0.0 221.12.104.113 1

route outside2 124..0.0 255.255.128.0 221.12.104.113 1

route outside2 124..128.0 255.255.128.0 221.12.104.113 1

route outside2 124.90.0.0 255.254.0.0 221.12.104.113 1

route outside2 124.92.0.0 255.252.0.0 221.12.104.113 1

route outside2 124.128.0.0 255.248.0.0 221.12.104.113 1

route outside2 124.160.0.0 255.255.0.0 221.12.104.113 1

route outside2 124.161.0.0 255.255.0.0 221.12.104.113 1

route outside2 124.162.0.0 255.255.0.0 221.12.104.113 1

route outside2 124.163.0.0 255.255.0.0 221.12.104.113 1

route outside2 124.1.0.0 255.252.0.0 221.12.104.113 1

route outside2 125.32.0.0 255.255.0.0 221.12.104.113 1

route outside2 125.33.0.0 255.255.0.0 221.12.104.113 1

route outside2 125.34.0.0 255.255.0.0 221.12.104.113 1

route outside2 125.35.0.0 255.255.128.0 221.12.104.113 1

route outside2 125.35.128.0 255.255.128.0 221.12.104.113 1

route outside2 125.36.0.0 255.252.0.0 221.12.104.113 1

route outside2 125.40.0.0 255.248.0.0 221.12.104.113 1

route outside2 125.211.0.0 255.255.0.0 221.12.104.113 1

route outside2 202.96.0.0 255.255.192.0 221.12.104.113 1

route outside2 202.96..0 255.255.248.0 221.12.104.113 1

route outside2 202.96.72.0 255.255.248.0 221.12.104.113 1

route outside2 202.96.80.0 255.255.240.0 221.12.104.113 1

route outside2 202.97.128.0 255.255.192.0 221.12.104.113 1

route outside2 202.97.192.0 255.255.224.0 221.12.104.113 1

route outside2 202.97.224.0 255.255.248.0 221.12.104.113 1

route outside2 202.97.232.0 255.255.248.0 221.12.104.113 1

route outside2 202.97.240.0 255.255.240.0 221.12.104.113 1

route outside2 202.98.0.0 255.255.248.0 221.12.104.113 1

route outside2 202.98.8.0 255.255.248.0 221.12.104.113 1

route outside2 202.98.16.0 255.255.240.0 221.12.104.113 1

route outside2 202.99.0.0 255.255.192.0 221.12.104.113 1

route outside2 202.99..0 255.255.224.0 221.12.104.113 1

route outside2 202.99.96.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.104.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.112.0 255.255.240.0 221.12.104.113 1

route outside2 202.99.128.0 255.255.224.0 221.12.104.113 1

route outside2 202.99.160.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.168.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.176.0 255.255.240.0 221.12.104.113 1

route outside2 202.99.192.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.200.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.208.0 255.255.240.0 221.12.104.113 1

route outside2 202.99.224.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.232.0 255.255.248.0 221.12.104.113 1

route outside2 202.99.240.0 255.255.240.0 221.12.104.113 1

route outside2 202.102.128.0 255.255.248.0 221.12.104.113 1

oute outside2 202.102.136.0 255.255.248.0 221.12.104.113 1

route outside2 202.102.144.0 255.255.240.0 221.12.104.113 1

route outside2 202.102.160.0 255.255.224.0 221.12.104.113 1

route outside2 202.102.224.0 255.255.248.0 221.12.104.113 1

route outside2 202.102.232.0 255.255.248.0 221.12.104.113 1

route outside2 202.102.240.0 255.255.240.0 221.12.104.113 1

route outside2 202.106.0.0 255.255.0.0 221.12.104.113 1

route outside2 202.107.0.0 255.255.128.0 221.12.104.113 1

route outside2 202.108.0.0 255.255.0.0 221.12.104.113 1

route outside2 202.110.0.0 255.255.192.0 221.12.104.113 1

route outside2 202.110..0 255.255.192.0 221.12.104.113 1

route outside2 202.110.192.0 255.255.192.0 221.12.104.113 1

route outside2 202.111.128.0 255.255.224.0 221.12.104.113 1

route outside2 202.111.160.0 255.255.224.0 221.12.104.113 1

route outside2 203.93.8.0 255.255.255.0 221.12.104.113 1

route outside2 203.93.9.0 255.255.255.0 221.12.104.113 1

route outside2 203.93.10.0 255.255.254.0 221.12.104.113 1

route outside2 203.93.12.0 255.255.252.0 221.12.104.113 1

route outside2 203.93.16.0 255.255.240.0 221.12.104.113 1

route outside2 203.93.32.0 255.255.224.0 221.12.104.113 1

route outside2 203.93..0 255.255.192.0 221.12.104.113 1

route outside2 203.93.128.0 255.255.248.0 221.12.104.113 1

route outside2 203.93.136.0 255.255.252.0 221.12.104.113 1

route outside2 203.93.140.0 255.255.255.0 221.12.104.113 1

route outside2 203.93.141.0 255.255.255.0 221.12.104.113 1

route outside2 203.93.142.0 255.255.254.0 221.12.104.113 1

route outside2 203.93.144.0 255.255.240.0 221.12.104.113 1

route outside2 203.93.160.0 255.255.224.0 221.12.104.113 1

route outside2 203.93.192.0 255.255.192.0 221.12.104.113 1

route outside2 210.13.128.0 255.255.128.0 221.12.104.113 1

route outside2 210.14.160.0 255.255.224.0 221.12.104.113 1

route outside2 210.14.192.0 255.255.224.0 221.12.104.113 1

route outside2 210.14.224.0 255.255.224.0 221.12.104.113 1

route outside2 210.15.32.0 255.255.224.0 221.12.104.113 1

route outside2 210.15..0 255.255.224.0 221.12.104.113 1

route outside2 210.15.96.0 255.255.224.0 221.12.104.113 1

route outside2 210.15.128.0 255.255.192.0 221.12.104.113 1

route outside2 210.21.0.0 255.255.128.0 221.12.104.113 1

route outside2 210.21.128.0 255.255.128.0 221.12.104.113 1

route outside2 210.22.0.0 255.255.0.0 221.12.104.113 1

route outside2 210.51.0.0 255.255.0.0 221.12.104.113 1

route outside2 210.52.0.0 255.255.192.0 221.12.104.113 1

route outside2 210.52..0 255.255.192.0 221.12.104.113 1

route outside2 210.52.128.0 255.255.128.0 221.12.104.113 1

route outside2 210.53.0.0 255.255.128.0 221.12.104.113 1

route outside2 210.53.128.0 255.255.128.0 221.12.104.113 1

route outside2 210.74.96.0 255.255.224.0 221.12.104.113 1

route outside2 210.74.128.0 255.255.224.0 221.12.104.113 1

route outside2 210.78.0.0 255.255.224.0 221.12.104.113 1

route outside2 210.82.0.0 255.254.0.0 221.12.104.113 1

route outside2 211.144.0.0 255.254

.0.0 221.12.104.113 1

route outside2 218.7.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.10.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.11.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.12.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.21.128.0 255.255.128.0 221.12.104.113 1

route outside2 218.24.0.0 255.254.0.0 221.12.104.113 1

route outside2 218.26.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.27.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.28.0.0 255.254.0.0 221.12.104.113 1

route outside2 218.56.0.0 255.252.0.0 221.12.104.113 1

route outside2 218.60.0.0 255.254.0.0 221.12.104.113 1

route outside2 218.62.0.0 255.255.128.0 221.12.104.113 1

route outside2 218.67.128.0 255.255.128.0 221.12.104.113 1

route outside2 218.68.0.0 255.254.0.0 221.12.104.113 1

route outside2 218.104.0.0 255.255.128.0 221.12.104.113 1

route outside2 218.104.128.0 255.255.224.0 221.12.104.113 1

route outside2 218.104.160.0 255.255.224.0 221.12.104.113 1

route outside2 218.104.192.0 255.255.248.0 221.12.104.113 1

route outside2 218.104.200.0 255.255.248.0 221.12.104.113 1

route outside2 218.104.208.0 255.255.240.0 221.12.104.113 1

route outside2 218.104.224.0 255.255.224.0 221.12.104.113 1

route outside2 218.105.0.0 255.255.0.0 221.12.104.113 1

route outside2 218.106.0.0 255.254.0.0 221.12.104.113 1

route outside2 219.154.0.0 255.254.0.0 221.12.104.113 1

route outside2 219.156.0.0 255.254.0.0 221.12.104.113 1

route outside2 219.158.0.0 255.255.128.0 221.12.104.113 1

route outside2 219.158.128.0 255.255.128.0 221.12.104.113 1

route outside2 219.159.0.0 255.255.192.0 221.12.104.113 1

route outside2 219.232.0.0 255.252.0.0 221.12.104.113 1

route outside2 220.248.0.0 255.252.0.0 221.12.104.113 1

route outside2 220.252.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.0.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.2.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.3.0.0 255.255.128.0 221.12.104.113 1

route outside2 221.3.128.0 255.255.128.0 221.12.104.113 1

route outside2 221.4.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.5.0.0 255.255.128.0 221.12.104.113 1

route outside2 221.5.128.0 255.255.128.0 221.12.104.113 1

route outside2 221.6.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.7.0.0 255.255.224.0 221.12.104.113 1

route outside2 221.7.32.0 255.255.224.0 221.12.104.113 1

route outside2 221.7..0 255.255.224.0 221.12.104.113 1

route outside2 221.7.96.0 255.255.224.0 221.12.104.113 1

route outside2 221.7.128.0 255.255.128.0 221.12.104.113 1

route outside2 221.8.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.10.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.11.0.0 255.255.128.0 221.12.104.113 1

route outside2 221.11.128.0 255.255.192.0 221.12.104.113 1

route outside2 221.11.192.0 255.255.224.0 221.12.104.113 1

route outside2 221.11.224.0 255.255.224.0 221.12.104.113 1

route outside2 221.12.0.0 255.255.128.0 221.12.104.113 1

route outside2 221.12.128.0 255.

255.192.0 221.12.104.113 1

route outside2 221.13.0.0 255.255.192.0 221.12.104.113 1

route outside2 221.13..0 255.255.224.0 221.12.104.113 1

route outside2 221.13.96.0 255.255.224.0 221.12.104.113 1

route outside2 221.8.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.13.128.0 255.255.128.0 221.12.104.113 1

route outside2 221.14.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.192.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.194.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.195.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.196.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.198.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.199.0.0 255.255.224.0 221.12.104.113 1

route outside2 221.199.32.0 255.255.240.0 221.12.104.113 1

route outside2 221.199.48.0 255.255.240.0 221.12.104.113 1

route outside2 221.199..0 255.255.192.0 221.12.104.113 1

route outside2 221.199.128.0 255.255.192.0 221.12.104.113 1

route outside2 221.199.192.0 255.255.240.0 221.12.104.113 1

route outside2 221.199.224.0 255.255.224.0 221.12.104.113 1

route outside2 221.200.0.0 255.252.0.0 221.12.104.113 1

route outside2 221.204.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.206.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.207.0.0 255.255.192.0 221.12.104.113 1

route outside2 221.207..0 255.255.192.0 221.12.104.113 1

route outside2 221.207.128.0 255.255.128.0 221.12.104.113 1

route outside2 221.208.0.0 255.252.0.0 221.12.104.113 1

route outside2 221.212.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.213.0.0 255.255.0.0 221.12.104.113 1

route outside2 221.214.0.0 255.254.0.0 221.12.104.113 1

route outside2 221.216.0.0 255.248.0.0 221.12.104.113 1

route outside2 222.128.0.0 255.252.0.0 221.12.104.113 1

route outside2 222.132.0.0 255.252.0.0 221.12.104.113 1

route outside2 222.136.0.0 255.248.0.0 221.12.104.113 1

route outside2 222.160.0.0 255.254.0.0 221.12.104.113 1

route outside2 222.162.0.0 255.255.0.0 221.12.104.113 1

route outside2 222.163.0.0 255.255.224.0 221.12.104.113 1

route outside2 222.163.32.0 255.255.224.0 221.12.104.113 1

route outside2 222.163..0 255.255.192.0 221.12.104.113 1

route outside2 222.163.128.0 255.255.128.0 221.12.104.113 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

username cisco password 3USUcOPFUiMCO4Jk encrypted

http server enable

http 192.168.1.0 255.255.255.0 management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet 0.0.0.0 0.0.0.0 inside

telnet timeout 5

ssh 0.0.0.0 0.0.0.0 outside1

ssh 0.0.0.0 0.0.0.0 outside2

ssh timeout 5

console timeout 0

dhcpd address 192.168.1.2-192.168.1.254 management

dhcpd enable management

prompt ho

hostname context

Cryptochecksum:54f7aed252328c48857dbdb9104b2481

: end yonx 2007-10-23 13:51

需要通过SSH(和telnet差不多，不过是加密的，安全些)

Cisco PIX的SSH配置如下：

注：首先进入模式PIX(config)#

第一步：

username cisco password cisco //创立远程登录帐户，可任意配置。

第二步：

hostname pixfirewall //配置PIX的主机名，可任意配置。

第三步：

domain-name domainname.com // 配置PIX的域名，可任意配置并不影响SSH的使用，以上这两个参数只是供产生SSH KEY时使用。

第四步：

ca gen rsa key 1024 // 产生1024位的rsa密钥。

第五步：

ssh 172.18.124.114 255.255.255.255 outside// 指定可以从口以SSH方式telnet PIX的主机IP地址。

第六步：

ssh timeout 10 // 配置SSH会话的超时时间，以秒为单位，可选。

第七步：

passwd cisco // 配置SSH访问的口令，可任意配置。

第八步：

ca save all // 很重要！！保存RSA密钥。否则PIX防火墙重启之后，RSA密钥会丢失。

第九步：wr m //保存当前配置。

第十步：

aaa authentication ssh console local //认证方式采用本地方式，也可以用RADIUS/TACACS+进行认证。

SSH客户端配置如下：

Microsoft Windows平台下有很多种SSH客户端的选择，常用的是putty（A Free Telnet/SSH Client），特点简单易用。当然也可以选用SecureCRT 4.0或其它同类软件。putty最新的版本可以到下面的网页下载：[url]http://www.chiark.greenend.org.uk/~sgtatham/putty/[/url]。

第一步：设定参数

第二步：设定主机和端口

点击“open”按钮。

第三步：在弹出的登录窗口输入用户名和口令。

检查命令如下：

show run //查看当前运行配置，其实和启动配置相同。

show ca mypubkey rsa //查看本地生成的公钥。

sh ssh session //查看SSH会话。下载本文

显示全文

全部频道