Cisco Cisco ASA 5585-X with No Payload Encryption Manual Técnico

!
!−−− Dedicated management interface: named "management", addressed
!−−− 172.22.1.160/24, and limited to management traffic by management−only.
!−−− security−level 0 is the lowest trust level an ASA interface can have.
!−−− NOTE(review): confirm this value is intended before management−only is
!−−− ever removed, because the level then governs traffic through the interface.
interface Management0/0
 nameif management
 security−level 0
 ip address 172.22.1.160 255.255.255.0 
 management−only
!
!−−− Login password in the device's stored ("encrypted") form, followed by
!−−− passive mode for the ASA's own FTP client.
!−−− A stored password value that appears in a published document should be
!−−− treated as disclosed: set a new, unique password on any device that is
!−−− built from this sample.
passwd 9jNfZuG3TC5tCVH0 encrypted
ftp mode passive
!−−− Access lists are added in order to allow test
!−−− traffic (ICMP and Telnet).
!−−− acl_outside_in: any source may send any ICMP type to host 172.16.1.50.
!−−− Outside a lab, narrow this to the ICMP types that are actually needed.
access−list acl_outside_in extended permit icmp any host 172.16.1.50 
!−−− acl_inside_in: all IP traffic from 10.2.2.0/24 to any destination.
access−list acl_inside_in extended permit ip 10.2.2.0 255.255.255.0 any 
!−−− acl_dmz_in: ICMP only, from 192.168.1.0/24 to any destination.
access−list acl_dmz_in extended permit icmp 192.168.1.0 255.255.255.0 any
!−−− Terminal paging, logging, per-interface MTU, ASDM image and ARP timeout.
pager lines 24
!−−− Logging is enabled.
!−−− Messages are written to the internal buffer at debugging severity, the
!−−− most verbose level. The buffer is held in memory and no remote syslog
!−−− destination appears in this part of the configuration; add one if the
!−−− records must survive a reload or be reviewed centrally.
logging enable
logging buffered debugging
mtu outside 1500
mtu inside 1500
mtu dmz 1500
mtu management 1500
asdm image disk0:/asdm−613.bin
!−−− ASDM history collection is turned off.
no asdm history enable
!−−− ARP cache entries time out after 14400 seconds.
arp timeout 14400
!−−− Translation rules are added.
!−−− NAT ID 1 ties the three lines below together: hosts in 10.2.2.0/24 on
!−−− the inside are translated to 172.16.1.100 when they leave through the
!−−− outside interface and to 192.168.1.100 when they leave through the dmz.
global (outside) 1 172.16.1.100
global (dmz) 1 192.168.1.100
nat (inside) 1 10.2.2.0 255.255.255.0
!−−− Static translation: DMZ host 192.168.1.50 is presented on the outside
!−−− as 172.16.1.50, the same address that acl_outside_in permits ICMP to.
static (dmz,outside) 172.16.1.50 192.168.1.50 netmask 255.255.255.255 
!−−− Identity static: inside host 10.2.2.200 keeps its own address toward
!−−− the dmz, which makes it addressable from that segment.
static (inside,dmz) 10.2.2.200 10.2.2.200 netmask 255.255.255.255 
!−−− Access lists are applied to the interfaces.
!−−− Each list filters traffic entering ("in") the interface it is bound to,
!−−− one list per interface: outside, inside and dmz.
access−group acl_outside_in in interface outside
access−group acl_inside_in in interface inside
access−group acl_dmz_in in interface dmz
!−−− Idle timers, written as h:mm:ss, for address translations (xlate),
!−−− connections and the protocol-specific sessions listed on each line.
timeout xlate 3:00:00
timeout conn 1:00:00 half−closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp−pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip−invite 0:03:00 sip−disconnect 0:02:00
!−−− Cached user authentication expires 5 minutes after it was granted
!−−− ("absolute"), whether or not the user is still active.
timeout uauth 0:05:00 absolute
!−−− Device management access: the HTTP server used by ASDM, SNMP traps and
!−−− the idle timeouts for Telnet, SSH and console sessions.
http server enable
!−−− 0.0.0.0 0.0.0.0 allows every source address that reaches the dmz
!−−− interface to connect to the HTTP server. NOTE(review): for anything but
!−−− a lab, list only the administrators' hosts or subnet and bind the rule
!−−− to the management interface rather than the dmz.
http 0.0.0.0 0.0.0.0 dmz
no snmp−server location
no snmp−server contact
!−−− Standard SNMP traps are enabled; no trap receiver (snmp−server host)
!−−− appears in this part of the configuration.
snmp−server enable traps snmp authentication linkup linkdown coldstart
!−−− Idle Telnet and SSH sessions are closed after 5 minutes. Telnet sends
!−−− credentials in clear text, so prefer SSH for remote CLI access.
telnet timeout 5
ssh timeout 5
!−−− A value of 0 disables the console idle timer: a console session that is
!−−− left logged in stays open until someone ends it.
console timeout 0
!
!−−− Traffic class inspection_default: matches the ASA's built-in
!−−− default−inspection−traffic set. Presumably it is referenced by a policy
!−−− map later in the configuration; that part is not visible here.
class−map inspection_default
 match default−inspection−traffic
!
!
!−−− DNS inspection map preset_dns_map: limits the DNS message length that
!−−− inspection accepts to 512 bytes.
!−−− NOTE(review): 512 bytes is the classic DNS-over-UDP limit, so larger
!−−− EDNS0 or DNSSEC responses may be dropped; confirm the limit suits the
!−−− resolvers in use.
policy−map type inspect dns preset_dns_map
 parameters
  message−length maximum 512
policy−map global_policy