Cisco Cisco ASA 5555-X Adaptive Security Appliance 产品宣传页

(config-if)# nameif inside

(config-if)# ip address 10.1.1.1 255.255.255.0

(config)# interface GigabitEthernet0/1

(config-if)# no shutdown

(config-if)# nameif outside-1

(config-if)# ip address 192.168.6.5 255.255.255.0

(config)# interface GigabitEthernet0/2

(config-if)# no shutdown

(config-if)# nameif outside-2

(config-if)# ip address 172.16.7.6 255.255.255.0

그런 다음 트래픽 일치를 위해 access-list를 구성해야 합니다.

(config)# access-list acl-1 permit ip 10.1.0.0 255.255.0.0

(config)# access-list acl-2 permit ip 10.2.0.0 255.255.0.0

일치 기준이 필수 설정 작업과 함께 수행되므로 위의 access-list를 지정하여 경로 맵을 구성해야 합

니다.

(config)# route-map equal-access permit 10

(config-route-map)# match ip address acl-1

(config-route-map)# set ip next-hop 192.168.6.6

(config)# route-map equal-access permit 20

(config-route-map)# match ip address acl-2

(config-route-map)# set ip next-hop 172.16.7.7

(config)# route-map equal-access permit 30

(config-route-map)# set ip interface Null0

이제, 이 경로 맵은 인터페이스에 연결되어야 합니다.

(config)# interface GigabitEthernet0/0

(config-if)# policy-route route-map equal-access

정책 라우팅 구성을 표시합니다.

(config)# show policy-route

Interface                   Route map

GigabitEthernet0/0   equal-access