Lab1-ASA5505 動態圖***

網上搜不到ASA5505動態圖加密***配置具體案例文檔，發表一個。

asa5505 ios-825 動態***配置
ASA5505總部配置

ASA Version 8.2(5)

hostname C-FW

enable password aMoTHvjlJ2eSVOPB encrypted

passwd aMoTHvjlJ2eSVOPB encrypted

interface Ethernet0/0

switchport access vlan 10

interface Ethernet0/1

switchport access vlan 20

interface Vlan10

nameif outside

security-level 0

ip address 192.168.9.59 255.255.255.0

interface Vlan20

nameif inside

security-level 100

ip address 191.168.1.1 255.255.255.0

object-group network local

network-object 191.168.1.0 255.255.255.0

object-group network remote

network-object 191.168.2.0 255.255.255.0

access-list 101 extended permit ip any any

access-list 101 extended permit icmp any any

access-list *** extended permit ip object-group local object-group remote

access-list nonat extended permit ip object-group local object-group remote

global (outside) 1 interface

nat (inside) 0 access-list nonat

nat (inside) 1 0.0.0.0 0.0.0.0

access-group 101 in interface outside

route outside 0.0.0.0 0.0.0.0 192.168.9.1 1

crypto ipsec transform-set spring esp-des esp-sha-hmac

crypto ipsec security-association lifetime seconds 28800

crypto ipsec security-association lifetime kilobytes 4608000

crypto dynamic-map dm*** 10 set transform-set spring

crypto map ***map 9 match address ***

crypto map ***map 10 ipsec-isakmp dynamic dm***

crypto map ***map interface outside

crypto isakmp enable outside

crypto isakmp policy 10

authentication pre-share

encryption 3des

hash sha

group 2

lifetime 86400

telnet 0.0.0.0 0.0.0.0 inside

tunnel-group DefaultL2LGroup ipsec-attributes

pre-shared-key *****

ASA5505分部配置

ASA Version 8.2(5)

hostname apartment

enable password aMoTHvjlJ2eSVOPB encrypted

passwd aMoTHvjlJ2eSVOPB encrypted

names

interface Ethernet0/0

switchport access vlan 10

interface Ethernet0/1

switchport access vlan 20

interface Vlan10

nameif outside

security-level 0

ip address 192.168.210.112 255.255.255.0

interface Vlan20

nameif inside

security-level 100

ip address 191.168.2.1 255.255.255.0

object-group network local-lan

network-object 191.168.2.0 255.255.255.0

object-group network remote-lan

network-object 191.168.1.0 255.255.255.0

access-list ***acl extended permit ip object-group local-lan object-group remote-lan

access-list nonat extended permit ip object-group local-lan object-group remote-lan

access-list wan extended permit ip any any

access-list wan extended permit icmp any any

global (outside) 1 interface

nat (inside) 0 access-list nonat

nat (inside) 1 0.0.0.0 0.0.0.0

access-group wan in interface outside

route outside 0.0.0.0 0.0.0.0 192.168.210.1 1

crypto ipsec transform-set spring esp-des esp-sha-hmac

crypto ipsec security-association lifetime seconds 28800

crypto ipsec security-association lifetime kilobytes 4608000

crypto map ***map 10 match address ***acl

crypto map ***map 10 set peer 192.168.9.59

crypto map ***map 10 set transform-set spring

crypto map ***map interface outside

crypto isakmp enable outside

crypto isakmp policy 10

authentication pre-share

encryption 3des

hash sha

group 2

lifetime 86400

telnet 0.0.0.0 0.0.0.0 outside

ssh 0.0.0.0 0.0.0.0 outside

ssh version 2

username spring password y7hhCuJ3JPnu5JRZ encrypted

tunnel-group 192.168.9.59 type ipsec-l2l

tunnel-group 192.168.9.59 ipsec-attributes

pre-shared-key *****

Lab1-ASA5505 動態圖***

【簡寫Mybatis-02】註冊機的實現以及SqlSession處理

手繪二維碼

.NET藉助虛擬網卡實現一個簡單異地組網工具

TOMCAT安裝手冊-Linux環境下

Linux基礎

zabbix郵件報警配置

我的友情鏈接

Linux基礎

Mac下配置sublime實現LaTeX

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結