Cisco Cisco IPS 4520 Sensor Libro bianco
56
Appendix B: Configuration Example
August 2012 Series
56
Appendix B:
Configuration Example
ASA Firewall 5545-X
!
ASA Version 8.6(1)1
!
terminal width 511
hostname IE-ASA5545X
domain-name cisco.local
enable password 2y4FIGBVVyBLau0Q encrypted
passwd 2y4FIGBVVyBLau0Q encrypted
names
!
interface GigabitEthernet0/0
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/0.300
vlan 300
nameif inside
security-level 100
ip address 10.4.24.30 255.255.255.224 standby 10.4.24.29
!
interface GigabitEthernet0/1
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1.1116
description Web server DMZ connection on vlan 1116
vlan 1116
nameif dmz-web
security-level 50
ip address 192.168.16.1 255.255.255.0 standby 192.168.16.2
!
interface GigabitEthernet0/1.1117
description Email Security Appliance DMZ connection on VLAN 1117
vlan 1117
nameif dmz-mail
security-level 50
ip address 192.168.17.1 255.255.255.0 standby 192.168.17.2
!
interface GigabitEthernet0/1.1118
description DMVPN aggregation router connections on VLAN 1118
vlan 1118
nameif dmz-dmvpn
security-level 75
ip address 192.168.18.1 255.255.255.0
!
interface GigabitEthernet0/1.1119
vlan 1119
nameif dmz-wlc
security-level 50
ip address 192.168.19.1 255.255.255.0
!
interface GigabitEthernet0/1.1123
description Management DMZ connection on VLAN 1123
vlan 1123
nameif dmz-management
security-level 50
ip address 192.168.23.1 255.255.255.0 standby 192.168.23.2
!
interface GigabitEthernet0/1.1128
vlan 1128
nameif dmz-guests
security-level 10
ip address 192.168.28.1 255.255.252.0