packet tracer 6 配置防火墙asa

dust2017 · 发表于 2017-5-1 23:25:32

能把原配置详细发出来吗

dust2017 · 发表于 2017-5-1 23:27:01

FireWall#show run : Saved : ASA Version 8.4(2) ! hostname FireWall enable password 4IncP7vTjpaba2aF encrypted names ! interface Ethernet0/0 ! interface Ethernet0/1 switchport access vlan 2 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address 100.100.100.100 255.255.255.0 ! object network cisco host 192.168.1.2 object network myNatPool ! route inside 192.0.0.0 255.0.0.0 192.168.1.2 1 route outside 0.0.0.0 0.0.0.0 100.100.100.10 1 ! ! ipv6 access-list 10 permit udp any any ipv6 access-list 10 permit icmp any any ! access-group 10 in interface outside object network cisco nat (inside,outside) static 192.168.1.2 ! ! ! ! ! policy-map cisco ! ! telnet timeout 5 ssh timeout 5 ! dhcpd address 192.168.1.5-192.168.1.35 inside dhcpd enable inside ! dhcpd auto_config outside ! ! ! ! ! FireWall# SHOW RUN : Saved : ASA Version 8.4(2) ! hostname FireWall enable password 4IncP7vTjpaba2aF encrypted names ! interface Ethernet0/0 ! interface Ethernet0/1 switchport access vlan 2 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address 100.100.100.100 255.255.255.0 ! object network cisco host 192.168.1.2 object network myNatPool ! route inside 192.0.0.0 255.0.0.0 192.168.1.2 1 route outside 0.0.0.0 0.0.0.0 100.100.100.10 1 ! ! ipv6 access-list 10 permit udp any any ipv6 access-list 10 permit icmp any any ! access-group 10 in interface outside object network cisco nat (inside,outside) static 192.168.1.2 ! ! ! ! ! policy-map cisco ! ! telnet timeout 5 ssh timeout 5 ! dhcpd address 192.168.1.5-192.168.1.35 inside dhcpd enable inside ! dhcpd auto_config outside ! ! ! ! ! FireWall

dust2017 · 发表于 2017-5-1 23:28:16

FireWall#show run : Saved : ASA Version 8.4(2) ! hostname FireWall enable password 4IncP7vTjpaba2aF encrypted names ! interface Ethernet0/0 ! interface Ethernet0/1 switchport access vlan 2 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address 100.100.100.100 255.255.255.0 ! object network cisco host 192.168.1.2 object network myNatPool ! route inside 192.0.0.0 255.0.0.0 192.168.1.2 1 route outside 0.0.0.0 0.0.0.0 100.100.100.10 1 ! ! ipv6 access-list 10 permit udp any any ipv6 access-list 10 permit icmp any any ! access-group 10 in interface outside object network cisco nat (inside,outside) static 192.168.1.2 ! ! ! ! ! policy-map cisco ! ! telnet timeout 5 ssh timeout 5 ! dhcpd address 192.168.1.5-192.168.1.35 inside dhcpd enable inside ! dhcpd auto_config outside ! ! ! ! ! FireWall# SHOW RUN : Saved : ASA Version 8.4(2) ! hostname FireWall enable password 4IncP7vTjpaba2aF encrypted names ! interface Ethernet0/0 ! interface Ethernet0/1 switchport access vlan 2 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address 100.100.100.100 255.255.255.0 ! object network cisco host 192.168.1.2 object network myNatPool ! route inside 192.0.0.0 255.0.0.0 192.168.1.2 1 route outside 0.0.0.0 0.0.0.0 100.100.100.10 1 ! ! ipv6 access-list 10 permit udp any any ipv6 access-list 10 permit icmp any any ! access-group 10 in interface outside object network cisco nat (inside,outside) static 192.168.1.2 ! ! ! ! ! policy-map cisco ! ! telnet timeout 5 ssh timeout 5 ! dhcpd address 192.168.1.5-192.168.1.35 inside dhcpd enable inside ! dhcpd auto_config outside ! ! ! ! ! FireWall

dust2017 · 发表于 2017-5-1 23:31:40

FireWall#show run
: Saved
:
ASA Version 8.4(2)
!
hostname FireWall
enable password 4IncP7vTjpaba2aF encrypted
names
!
interface Ethernet0/0
!
interface Ethernet0/1
switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 100.100.100.100 255.255.255.0
!
object network cisco
host 192.168.1.2
object network myNatPool

!
route inside 192.0.0.0 255.0.0.0 192.168.1.2 1
route outside 0.0.0.0 0.0.0.0 100.100.100.10 1
!
!
ipv6 access-list 10 permit udp any any
ipv6 access-list 10 permit icmp any any
!
access-group 10 in interface outside
object network cisco
nat (inside,outside) static 192.168.1.2
!
!
!
!
!
policy-map cisco
!
!
telnet timeout 5
ssh timeout 5
!
dhcpd address 192.168.1.5-192.168.1.35 inside
dhcpd enable inside
!
dhcpd auto_config outside
!
!
!
!
!
FireWall# SHOW RUN
: Saved
:
ASA Version 8.4(2)
!
hostname FireWall
enable password 4IncP7vTjpaba2aF encrypted
names
!
interface Ethernet0/0
!
interface Ethernet0/1
switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 100.100.100.100 255.255.255.0
!
object network cisco
host 192.168.1.2
object network myNatPool

!
route inside 192.0.0.0 255.0.0.0 192.168.1.2 1
route outside 0.0.0.0 0.0.0.0 100.100.100.10 1
!
!
ipv6 access-list 10 permit udp any any
ipv6 access-list 10 permit icmp any any
!
access-group 10 in interface outside
object network cisco
nat (inside,outside) static 192.168.1.2
!
!
!
!
!
policy-map cisco
!
!
telnet timeout 5
ssh timeout 5
!
dhcpd address 192.168.1.5-192.168.1.35 inside
dhcpd enable inside
!
dhcpd auto_config outside
!
!
!
!
!
FireWall
ping不同，不知道问题出在哪里

hmxaur · 发表于 2017-5-2 09:32:37

好东西谢谢楼主分享

old73 · 发表于 2017-5-29 00:48:18

ASA Version 8.4(2)
!
hostname ciscoasa
names
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 10.0.1.1 255.255.255.0
!
object network fw1
host 10.0.0.254
!
route inside 192.168.13.0 255.255.255.0 10.0.0.254 1
route inside 192.168.23.0 255.255.255.0 10.0.0.254 1
route inside 192.168.33.0 255.255.255.0 10.0.0.254 1
!
!
ipv6 access-list 100 permit icmp any any
ipv6 access-list 100 permit tcp any any established
!
access-group 100 in interface inside
access-group 100 in interface outside
object network fw1
nat (inside,outside) dynamic interface
!
!
!
!
!
!
!
telnet timeout 5
ssh timeout 5
!
dhcpd enable inside
!
dhcpd auto_config outside
!
!
!
!
!
ciscoasa#

我现在在主机192.168.13.1上ping 10.0.0.1能通，但ping 10.0.1.1不通

账号		自动登录	找回密码
密码			论坛注册

[原创] packet tracer 6 配置防火墙asa

浏览过的版块

客服中心

投诉建议