思科PIX防火墙VPN的配置实例

80酷酷网    80kuku.com

  

  一、Pix-Pix

  PIX Central

  Building configuration...

  : Saved

  :

  PIX Version 6.3(3)

  in terface ethernet0 auto

  interface ethernet1 auto

  nameif ethernet0 outside security0

  nameif ethernet1 inside security100

  enable password 8Ry2YjIyt7RRXU24 encrypted

  passwd 2KFQnbNIdI.2KYOU encrypted

  hostname pix-central

  fixup protocol dns maximum-length 512

  fixup protocol ftp 21

  fixup protocol h323 h225 1720

  fixup protocol h323 ras 1718-1719

  fixup protocol http 80

  fixup protocol rsh 514

  fixup protocol rtsp 554

  fixup protocol sip 5060

  fixup protocol sip udp 5060

  fixup protocol skinny 2000

  fixup protocol smtp 25

  fixup protocol sqlnet 1521

  fixup protocol tftp 69

  names

  !--- This is traffic to PIX 2.

  access-list 120 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0

  !--- This is traffic to PIX 3.

  access-list 130 permit ip 10.1.1.0 255.255.255.0 10.3.3.0 255.255.255.0

  !--- Do not do Network Address Translation (NAT) on traffic to other PIXes.

  access-list 100 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0

  access-list 100 permit ip 10.1.1.0 255.255.255.0 10.3.3.0 255.255.255.0

  pager lines 24

  logging on

  mtu outside 1500

  mtu inside 1500

  ip address outside 172.18.124.153 255.255.255.0

  ip address inside 10.1.1.1 255.255.255.0

  ip audit info action alarm

  ip audit attack action alarm

  pdm history enable



分享到
  • 微信分享
  • 新浪微博
  • QQ好友
  • QQ空间
点击: