Cisco ASA 5505 防火墙怎么设置?

发布网友发布时间：2024-01-26 11:35

共1个回答

热心网友时间：2024-01-26 14:06

Cisco ASA5550防火墙配置VPN总结
一、网络拓扑
|172.x.x.x
|outside
|========|=========|
| |-----Internet 61.x.x.x
|========|=========|
|inside
|133.x.x.x

防火墙分别配置三个端口，端口名称和IP地址分配如上。VPN Client的IP Address Pool为100.100.100.0 255.255.255.0。
二、配置过程
1、建立动态map
crypto ipsec transform-set myset esp-aes-256 esp-sha-hmac
crypto dynamic-map dymap 1 set transform-set myset
crypto dynamic-map dymap 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dymap
crypto map mymap interface Internet
crypto isakmp enable Internet
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 20
2、建立tunnel group

参考资料：http://www.gzhxnet.com/viewthread.php?tid=362&extra=