static =Map a higher security level host address to global
(internal_if_name,external_if_name) internal_if_name is the Internal or prenat interface and external_if_name is the External or postnat interface
xxx.xxx.xxx.xxx =Global or mapped address yyy.yyy.yyy.yyy =Real IP address of the host or hosts
<0-65535> =The maximum number of simultaneous tcp connections the local IP hosts are to allow, default is 0 which means unlimited connections. Idle connections are closed after the time specified by the timeout conn command
<0-65535> =The maximum number of embryonic connections per host
ACCESS LIST Configured #access-listaccess-list-nameextend permit tcp eqport_number Example #access-list PEA-OTO extend permit tcp 172.30.98.0 255.255.255.0 172.30.98.186 255.255.255.255 eq 2020
Create user and allow them to connect to Cisco ASA by SSH version 2 #ssh version 2 #username your_username password your_password #aaa authentication ssh console LOCAL
Allow connection by ip and interface #ssh xxx.xxx.xxx.xxx sss.sss.sss.sss interface_name xxx.xxx.xxx.xxx = ip address sss.sss.sss.sss = Subnetmask for ip address interface_name = interface name
.End.
ความคิดเห็น
ไม่ระบุชื่อ กล่าวว่า
Your blog keeps getting better and better! Your older articles are not as good as newer ones you have a lot more creativity and originality now keep it up!
ความคิดเห็น