Professional Documents
Culture Documents
ciscoasa>
ciscoasa> enable
Password:
ciscoasa#
ciscoasa# configure terminal
ciscoasa(config)# hostname ASA1
ASA1(config)# interface Mamagement0/0
ASA1(config-if)# nameif mgmt
ASA1(config-if)# security-level 100
ASA1(config-if)# ip address 192.168.1.11 255.255.255.0
ASA1(config-if)# no shutdown
ASA1(config)# interface Ethernet0/1
ASA1(config-if)# no shutdown
ASA1(config)# interface Ethernet0/1.1201
ASA1(config-if)# vlan 1201
ASA1(config-if)# nameif fw1
ASA1(config-if)# security-level 50
ASA1(config-if)# ip address 172.16.61.1 255.255.255.0
ASA1(config)# interface Ethernet0/1.1212
ASA1(config-if)# vlan 1212
ASA1(config-if)# description *** Welcome to the VnPro ***
ASA1(config-if)# nameif svcs
ASA1(config-if)# security-level 99
ASA1(config-if)# ip address 172.16.62.171 255.255.255.240
ASA1(config-if)# end
ASA1#
- Xem li ton b cu hnh:
- Mt tnh nng c bit na l cng vt l ca ASA 5505 c tnh nng nh cng ca thit b
switch. C ngha l trn cng ca ASA, ta c th cu hnh trunking, to vlan, gn cng vo vlan.
V d nh s sau y:
ciscoasa>
ciscoasa> enable
Password:
ciscoasa#
ciscoasa# configure terminal
ciscoasa(config)# hostname ASA5505
ASA5505(config)# interface Ethernet0/5
ASA5505(config-if)# switchport access vlan 100
ASA5505(config-if)# no shutdown
ASA5505(config)# interface Ethernet0/3
ASA5505(config-if)# switchport trunk allow vlan 100, 201
ASA5505(config-if)# switchport mode trunk
ASA5505(config-if)# no shutdown
ASA5505(config)# interface vlan 100
ASA5505(config-vlan)# description *** Management Interface ***
ASA5505(config-vlan)# nameif mgmt
ASA5505(config-vlan)# security-level 100
ASA5505(config-vlan)# ip address 192.168.1.2 255.255.255.0
ASA5505(config-vlan)# no shutdown
ASA5505(config)# interface vlan 201
ASA5505(config-vlan)# description *** DMZ Network ***
ASA5505(config-vlan)# nameif dmz
ASA5505(config-vlan)# security-level 50
ASA5505(config-vlan)# ip address 172.16.201.2 255.255.255.0
ASA5505(config-vlan)# no shutdown
- Xem li ton b cu hnh:
3. Telnet:
- i vi ASA th ch chp nhn gi tin telnet vi ip ngun l mng 192.168.1.0/24 v vi
username mc nh l admin.
- Telnet s dng c s d liu l LOCAL, y l t kha mc nh cho cc dng ASA.
- Cc bc cu hnh
Bc 1: To username v password
ciscoasa(config)# username admin password tnpass privileged 15
nameif name
Ciscoasa# show interface
ip brief
Ciscoasa# show interface
{interface_number}
Hin th thng tin tng qut ca tt c interface, bao gm: trng thi cng (up, down, adminis
cng.
Xem thng tin chi tit cng (a ch MAC, speed, bandwidth, v.v).
Lu :
- Cc bn c th dng cu lnh show ti bt k mode no.
- C th xa cu lnh thc thi va nhp bng cch dng t no trc cu lnh.
- Cisco IOS c tnh nng gi t kha tip theo trong cu lnh vi du ?.
- Mt s phm tt nn nh:
+ Quay li u dng: Ctrl-A
+ Xung cui dng: Ctrl-E
+ Xa 1 dng: Ctrl-X
+ Xa 1 t: Ctrl-W
+ Gi lnh va nhp trc trong b nh m (tng ng pha mi tn up): Ctrl-P
+ Tr v cu lnh va thc thi trc (tng ng phm mi tn down): Ctrl-N
asa5520(config-if)# no sh
asa5520(config-if)# nameif LAN2
INFO: Security level for "LAN2" set to 0 by default.
asa5520(config-if)# security-level 100
asa5520(config-if)# ip address 192.168.2.1 255.255.255.0
Cu hnh telnet:
asa5520(config)# password cisco
asa5520(config)# telnet 10.7.0.0 255.255.255.0 inside
Cu hnh ASDM:
To user truy cp:
asa5520(config)# username admin password admin privilege 15
Cu hnh a ch qun tr:
asa5520# config t
asa5520(config)# int gi0/3
asa5520(config-if)# ip address 192.168.2.1 255.255.255.0
Bt HTTP server:
pixfirewall(config)#http server enable
Cu hnh a ch my qun tr:
pixfirewall(config)#http 192.168.1.1 255.255.255.0 inside
Kim tra thng tin trn Flash:
- Firewall# dir flash:/
Kim tra kt ni n TFTP:
- Firewall# ping 192.168.254.2
Khai bo TFTP:
- Firewall(config)# tftp-server outside 192.168.254.2
Copy t TFTP
- Firewall# copy tftp://192.168.254.2/newimage.bin flash:image
Sau khi upgrade ln phin bn mi phi update li Activation key:
- hostname(config)# activation-key 0xe02888da 0x4ba7bed6 0xf1c123ae 0xffd8624e
Kim tra thng tin license:
- show activation-key detail
Crack PassWord:
Vo RMON thay i gi tr thanh ghi:
rommon #0> confreg
Current Configuration Register: 0x00000001
Configuration Summary:
boot default image from Flash
Do you wish to change this configuration? y/n [n]: y
enable boot to ROMMON prompt? y/n [n]:
enable TFTP netboot? y/n [n]:
enable Flash boot? y/n [n]:
select specific Flash image index? y/n [n]:
disable system configuration? y/n [n]: y