Comunidad de usuarios de banda ancha e internet móvil

hosting en interdominios

Regístrate Identifícate
85 lecturas y 16 respuestas
  • Problemas con un CISCO ASA

    Llevo varios días rompiéndome la cabeza con un CISCO ASA 5505 que tenemos que configurar en la empresa. He configurado las interfaces (inside, outside y dmz) y he creado las reglas de nateo para poder pasar de una interface a otra pero no tengo cojones. Os dejo la salida del comando show run a ver si alguien se apiada de mi.

    ciscoasa(config)# show run
    : Saved
    :
    ASA Version 7.2(2)
    !
    hostname ciscoasa
    domain-name default.domain.invalid
    enable password xxxxxxxxxx encrypted
    names
    !
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.0.7 255.255.255.0
    ospf cost 10
    !
    interface Vlan2
    nameif outside
    security-level 0
    ip address dhcp setroute
    ospf cost 10
    !
    interface Vlan3
    nameif dmz
    security-level 50
    ip address 192.168.2.1 255.255.255.0
    !
    interface Ethernet0/0
    switchport access vlan 2
    !
    interface Ethernet0/1
    switchport access vlan 3
    !
    interface Ethernet0/2
    !
    interface Ethernet0/3
    shutdown
    !
    interface Ethernet0/4
    shutdown
    !
    interface Ethernet0/5
    shutdown
    !
    interface Ethernet0/6
    !
    interface Ethernet0/7
    !
    passwd xxxxxxxxxxxxx encrypted
    ftp mode passive
    clock timezone WET 0
    dns server-group DefaultDNS
    domain-name default.domain.invalid
    same-security-traffic permit intra-interface
    access-list outside_access_in extended permit tcp any host xxxxxxxxxxxx eq www
    access-list inside_access_out extended permit icmp 192.168.0.0 255.255.255.0 192
    .168.2.0 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu dmz 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-522.bin
    no asdm history enable
    arp timeout 14400
    global (outside) 200 interface
    global (dmz) 200 192.168.2.3-192.168.2.254 netmask 255.255.255.0
    nat (inside) 200 192.168.0.0 255.255.255.0
    access-group inside_access_out out interface in
    access-group outside_access_in in interface outside
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout uauth 0:05:00 absolute
    http server enable
    http 192.168.0.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    telnet timeou
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    !

    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    !
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:d0a00b60241f6aee1cc46ac8cad012b8
    : end
    ciscoasa(config)#

    Este tema es antiguo y puede contener información obsoleta. Abre un nuevo tema para publicar tu mensaje.
    1