取消
显示结果 
搜索替代 
您的意思是: 
cancel
2251
查看次数
0
有帮助
0
回复

asa8.0 透明模式 部署在服务器前面 外网不能访问服务器页面的视频

fishlonely
Level 1
Level 1
asa8.0 透明模式,部署在服务器前面,端口全放通,外网还是不能访问到内网的服务器视频服务。外网能telnet内网服务器所有端口号。
ciscoasa(config)# sh run
: Saved
:
ASA Version 8.0(4)
!
firewall transparent
hostname ciscoasa
enable password .pqTEpRSbjzD0Og8 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface GigabitEthernet0/0
nameif outside
security-level 0
!
interface GigabitEthernet0/1
nameif inside
security-level 100
!
interface GigabitEthernet0/2
shutdown
no nameif
no security-level
!
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
!
interface Management0/0
shutdown
no nameif
no security-level
management-only
!
ftp mode passive
access-list out2in extended permit tcp any host 211.141.155.174 eq 81
access-list in2out extended permit ip any any
access-list in2out extended permit tcp any any
access-list in2out extended permit udp any any
pager lines 24
mtu outside 1500
mtu inside 1500
ip address 211.141.155.170 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
access-group in2out in interface outside
access-group in2out in interface inside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
!
class-map inspection_default
match default-inspection-traffic
class-map conns3000
match port tcp eq 81
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ctiqbe
inspect dcerpc
inspect http
inspect icmp
inspect ils
inspect ipsec-pass-thru
inspect mgcp
inspect pptp
inspect snmp
inspect waas
policy-map conns3000
class conns3000
set connection conn-max 1000 embryonic-conn-max 3000
set connection timeout tcp 0:00:00
!
service-policy global_policy global
service-policy conns3000 interface inside
prompt hostname context
Cryptochecksum:963e6ba8c26beced1ebeca0d7c6d5a7c
: end
ciscoasa(config)#


0 条回复0
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:









快捷链接