Cisco ASA 5515-X Adaptive Security Appliance - No Payload Encryption Technical Manual

 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 172.18.85.174 255.255.255.0
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa721-k8.bin
ftp mode passive
dns server-group DefaultDNS
 domain-name cisco.com
access-list outside_cryptomap extended permit ip any 10.10.55.0 255.255.255.0
access-list something extended permit ip any any
pager lines 24
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool pool1 10.10.55.1-10.10.55.254 mask 255.255.255.0
no failover
icmp permit any inside
icmp permit any management
asdm image disk0:/asdm521.bin
no asdm history enable
arp timeout 14400
access-group something in interface outside
access-group something in interface inside
route inside 172.18.85.181 255.255.255.255 10.10.20.1 1
route inside 0.0.0.0 0.0.0.0 10.10.20.1 tunneled
route outside 0.0.0.0 0.0.0.0 209.165.200.226 1
route inside 172.18.85.0 255.255.255.0 10.10.20.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa-server authgroup protocol radius
aaa-server authgroup host 172.18.85.181
 timeout 5
 key cisco123
 authentication-port 1812
 accounting-port 1813
aaa-server test protocol radius
aaa-server test host 10.10.20.162
 key cisco123
 accounting-port 1813
aaa-server CAS_Accounting protocol radius
aaa-server CAS_Accounting host 10.10.20.162
 key cisco123
 authentication-port 1812
 accounting-port 1813
 radius-common-pw cisco123
group-policy vpngroup internal
group-policy vpngroup attributes
 wins-server value 172.18.108.40 172.18.108.41
 dns-server value 172.18.108.40 172.18.108.41
 vpn-tunnel-protocol IPSec