asa5520常用配置（国外英文资料）.docVIP

asa5520常用配置（国外英文资料） Asa5520 basic configuration 2011-05-10 13:22:49 | classification: the default category | : | is large and small subscriptions. The general web organization understands asa5520 The outer net - - - asa5520 - is the Intranet and the DMZ respectively The asa configuration is configured in global mode, much like the cisco route. The first time the firewall has an initial configuration There are key configuration passwords, time, internal IP, and management IP Configure the host name, domain name, and password Host name: ciscoasa5520 (config) # hostname 5520 Domain name: 5520 (config) # domain - name 123.com Password: 5520 (config) # enable password asa5520 (privileged password) 5520 (config) # password cisco (Telnet password) Configure the interface name and security level # 5520 (config) int f0/1 5520 (config) # nameif inside (internal web, DMZ, outside) 5520 (config) # security - level 100 (security level 100, DMZ: 50, outside: 0) 5520 (config) # IP add (configure the IP address) 5520 # no shut (config) # 5520 (config) exit View the interface show interface ipbrief The show interface / 0 f 3, configuring the routing 5520 (config) # route interface name target network segment mask the next jump The default route to the Internet 5520 (config) # ou-outside ...0.1481 (config) # route inside .255.255 54 See route show route Management (enabling Telnet or SSH) 5520 (config) # Telnet IP or web segment mask interface Example: 5520 (config) # Telnet 0 inside (indicating only this IP address, Telnet asa) 5520 (config) # Telnet inside (for the IP segment Telnet asa) Set Telnet timeout 5520 (config) # Telnet timeout 30 units SSH for cryptographic transfer (RSA key pair) # 5520 (config) cryto key generate rsa modulus. 1024 Connection 5520 (config) # SSH inside 5520 (config) # SSH 00 outside allows any IP connection to the outer network Configure idle timeout SSH timeout 30 SSH version 2 5, remote access to ASDM (ciscos adaptive security manager) The client