Scribd Logo
Unggah

Selamat datang di Scribd!

  • Cisco ASA Firewall Configuration

    Diunggah oleh

    Kailash Suthar
    204 tayangan4 halaman
    Cisco ASA Firewall Basic configuration: hostname IND-ASA-FW1 enable password abcd@1234. Interface GigabitEthernet0 / 0 description "connected to SW1 Gig1 / 1" nameif outside security-level 0 ip address 10.125.0. 255.255.255.248 standby 10.125.0.

    Deskripsi Asli:

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    Cisco ASA Firewall Basic configuration: hostname IND-ASA-FW1 enable password abcd@1234. Interface GigabitEthernet0 / 0 description "connected to SW1 Gig1 / 1" nameif outside security-level 0 ip address 10.125.0. 255.255.255.248 standby 10.125.0.

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    204 tayangan4 halaman

    Cisco ASA Firewall Configuration

    Diunggah oleh

    Kailash Suthar
    Cisco ASA Firewall Basic configuration: hostname IND-ASA-FW1 enable password abcd@1234. Interface GigabitEthernet0 / 0 description "connected to SW1 Gig1 / 1" nameif outside security-level 0 ip address 10.125.0. 255.255.255.248 standby 10.125.0.

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 4

    Cisco ASA Firewall Basic configuration:

    hostname IND-ASA-FW1 enable password abcd@1234 ! interface GigabitEthernet0/0 description "connected to SW1 Gig1/1" nameif outside security-level 0 ip address 10.125.0.1 255.255.255.248 standby 10.125.0.2 ! interface GigabitEthernet0/1 description "connected to SW2 Gig1/1" nameif Server-farm security-level 50 ip address 10.100.0.41 255.255.255.248 standby 10.100.0.42 ! interface GigabitEthernet0/2 shutdown no nameif no security-level no ip address interface GigabitEthernet0/3 description ### towards inter-vrf-firewall ### nameif inside security-level 100 ip address 10.121.0.1 255.255.255.0 standby 10.121.0.2 ! interface Management0/0 description LAN/STATE Failover Interface ! ! ! banner exec **********Please contact Kailash (+91-9555911222) prior making any changes********** banner login ***********************************Warning******************************* This equipment belongs to Dai Networks and all the activities performed during this session will be monitored. Any attempt of unauthorized changes to the configuration is strictly prohibited and responsible persons may be prosecuted. ************************************************************************* ftp mode passive clock timezone GMT 5 30 same-security-traffic permit inter-interface logging enable

    logging timestamp logging buffered debugging logging history informational logging asdm informational logging host inside 10.100.6.8 mtu outside 1500 mtu Server-farm 1500 mtu inter-vrf 1500 failover failover lan unit secondary failover lan interface folink Management0/0 failover link folink Management0/0 failover interface ip folink 172.168.1.1 255.255.255.252 standby 172.168.1.2 icmp unreachable rate-limit 1 burst-size 1 icmp permit any outside asdm image disk0:/asdm-635.bin no asdm history enable arp timeout 14400 route outside 0.0.0.0 0.0.0.0 10.100.0.38 1 route inter-vrf 10.2.240.68 255.255.255.255 10.100.0.25 1 route Server-farm 10.100.7.96 255.255.255.224 10.100.0.43 1 timeout xlate 3:00:00 timeout timeout 0:05:00 timeout 0:02:00 timeout timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect sip-provisional-media 0:02:00 uauth 0:05:00 absolute tcp-proxy-reassembly 0:01:00

    aaa-server tacacs protocol tacacs+ aaa-server tacacs (inter-vrf) host 10.100.6.73 key ***** aaa authentication enable console tacacs LOCAL aaa authentication ssh console tacacs LOCAL aaa authentication http console tacacs LOCAL aaa authorization command tacacs LOCAL aaa accounting command tacacs http server enable http 0.0.0.0 0.0.0.0 inter-vrf snmp-server host inter-vrf 10.100.6.90 community ***** version 2c no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart snmp-server enable traps syslog snmp-server enable traps entity config-change fru-insert fru-remove sysopt connection preserve-vpn-flows service resetoutside

    telnet timeout 5 ssh 10.100.0.112 255.255.255.240 inter-vrf ssh timeout 10 ssh version 2 console timeout 10 management-access inter-vrf threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp server 10.100.0.1 source inter-vrf prefer policy-map global_policy class inspection_default inspect dns preset_dns_map inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect sunrpc inspect xdmcp <--- More ---> inspect inspect inspect inspect inspect inspect inspect sip netbios tftp ip-options ftp icmp http

    ! service-policy global_policy global

    Banner ***********************************Warning******************************* ******** This equipment belongs to John Keells BPO and all the activities performed ** during this session will be monitored. Any attempt of unauthorized changes ** to the configuration is strictly prohibited and responsible persons may be ** prosecuted. ** **********************************************************************

    Anda mungkin juga menyukai