pixfirewall# show run6 U7 l; w; L7 P, Z
: Saved! k5 A# y1 Z* a* o( A* V0 K
:
: D7 k+ { }& CPIX Version 7.2(1)
( P8 r( q/ u; e8 i!
, v5 O" d5 O# m- G5 Q& {& Yhostname pixfirewall
/ c( _/ `: f7 v) |' Z8 \5 o. henable password 2KFQnbNIdI.2KYOU encrypted/ |1 b. b4 c, q0 v: A( L1 |" Z! R
names
Q. _( m6 |9 ~, [ ]% B!
* I' V7 S! @; K3 |interface Ethernet0
- H2 g9 J" H$ g3 V* C description conn_S3300
J0 z& ]$ U6 M! ~" h1 @. _9 k, h# Y nameif inside
1 X# ~. u6 y4 K4 F1 z- @% V& _8 q security-level 100
5 g9 }" a, G$ M" t: A6 q ip address 192.16.11.125 255.255.255.128 standby 192.16.11.126, R! t3 {6 |1 Z% }% y6 {
!/ J: f1 _4 J4 V+ Y- c- U9 f' F
interface Ethernet1
" T+ e# E& ]! P2 x \$ D/ ] description conn_CMNET9 B6 D* h0 q9 G* T& f( n6 X" V
nameif outside6 Q/ F' {$ q$ O- @% `
security-level 0
4 B0 m1 U: C' u/ {0 \/ @ ip address 192.17.1.100 255.255.255.248 standby 192.17.1.1019 y& Q1 f9 V1 @+ B
!' _8 K/ Q0 U% M5 I4 p
interface Ethernet2
. Z; r E5 r- ]2 B; L# Q$ X# } description STATE Failover Interface
8 Q! p6 C5 P+ i2 Y& \) a I; E!. u1 T# i0 z8 q
interface Ethernet3$ M7 s. i2 n1 X5 J7 ^6 o( ^ D
shutdown( Y) v. Y" E: b+ [7 c2 C+ W
no nameif& O6 y v; x+ v3 e
no security-level( A4 R9 W ]6 q$ |6 e
no ip address
' a/ R8 P2 H- {0 H' R U!9 s5 e; @! x P1 O; n5 J# e: q" V
interface Ethernet48 l/ v, }0 P8 N& x
shutdown% P, k5 F* H! F
no nameif
1 [; z+ n$ H" Y: i5 M no security-level' f6 n, a0 O" h# F, P0 R) n
no ip address
/ @4 c) P5 q3 k2 R6 ?+ _" e!
' N1 |* E; Z* A& h+ \- iinterface Ethernet5
; l9 _* u+ s) f1 W4 F# a9 `3 w no nameif
. Q- c7 S0 \9 Q1 N" f6 A' @ no security-level0 ?4 N; J% C% X! h3 Z
no ip address
& W& p1 @9 ?) t' K4 B!
" B5 |5 b% B9 H0 O1 Apasswd 2KFQnbNIdI.2KYOU encrypted
( |- T2 ]3 ^7 A( [* V' w' Tftp mode passive+ I! }9 B4 z/ ~/ ~. U
access-list inside extended permit ip any any4 W4 O, i p* i2 c2 s
access-list inside extended permit icmp any any
6 X( q9 X; A# [" t) L+ `# Oaccess-list outside extended permit ip any any9 N0 |, i2 s% p" j
access-list outside extended permit icmp any any
% `/ h5 c4 ~& D+ x' zpager lines 24
5 c4 }8 |/ T' Omtu outside 1500) u, a& n7 s# F$ K) A; u
mtu inside 1500
7 t1 v! j* |0 O; v+ Rfailover0 L& ]; B1 ~/ N8 ~0 n
failover link state Ethernet2; k6 \, g$ v; z% v
failover interface ip state 1.1.1.1 255.255.255.0 standby 1.1.1.2- P4 G' Q9 A5 ]4 F
icmp permit any outside
2 w* I) x: M, R6 |2 wno asdm history enable% u: C+ p( \7 k! d# E8 c
arp timeout 14400
8 F$ _, W/ U2 [% Nglobal (outside) 1 222.111.11.52
8 t' V: g& z# i9 ]nat (inside) 1 192.16.11.0 255.255.255.128
. ` I% h; U& J/ Y& fstatic (inside,outside) 222.111.11.53 192.16.11.1 netmask 255.255.255.2557 ~8 P: k* |8 a5 l
access-group outside in interface outside
$ ~# u! s1 P9 W4 R' i+ c* qaccess-group inside in interface inside# u; b# | G$ R* C y% L
route outside 0.0.0.0 0.0.0.0 192.17.1.97 1
) c) r$ I7 q+ _, u# Ztimeout xlate 3:00:00! z$ n6 L1 y7 n. X! {! I
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02% J# v: H3 w. N( a" l8 e* f
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
1 |0 ~4 j3 A: I8 l& Ltimeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
* `. H0 A* {1 s, ~" J% e! s. Ytimeout uauth 0:05:00 absolute( b/ g% k, k- g2 b& f
no snmp-server location
9 Y) ~0 J5 ]- l' q: E4 ino snmp-server contact
' \0 _& T" u) ~6 Jsnmp-server enable traps snmp authentication linkup linkdown coldstart 9 `( B; D9 x' F' Z" N/ y) V
telnet 0.0.0.0 0.0.0.0 outside* Q/ F" H3 I5 d
telnet 0.0.0.0 0.0.0.0 inside
" H. h7 I6 V4 ltelnet timeout 5
; v! v# k9 c$ c: E, ]4 E4 t' {5 ~ssh timeout 5
! G9 Y5 t- }$ U3 B! Sconsole timeout 0
u2 B7 d; Q: `" R1 n% h9 u" v!
' k/ H% O% M) }+ z/ T1 F, Wclass-map inspection_default
u5 B* }' Y/ T match default-inspection-traffic1 A! O2 Z. N# A: y' o
!
b0 A0 u- @& e# V6 Z( v4 n6 N# L!
! G6 v \" b+ V3 G3 a! Kpolicy-map type inspect dns preset_dns_map' e% |1 {2 i" o# I( f' }! }
parameters
( d/ j( g, ~2 o* G message-length maximum 512
. K9 m6 ^3 U! n3 B2 v* Bpolicy-map global_policy( j1 x/ E+ }- w2 q6 N% p; m# K# b
class inspection_default
8 V# K# X5 E& T inspect dns preset_dns_map
9 Y" r$ y7 \4 M( Y/ |- V inspect ftp
& z/ m. p6 n& B+ N1 w inspect h323 h225
4 [: B. M! V0 ?6 v1 p3 Z inspect h323 ras0 E+ v ~& p- t; W/ n7 C
inspect netbios) n/ ^+ \& D/ | `' L. z# q
inspect rsh
/ H, u9 b2 }0 n! f) F. g, Q inspect rtsp
# i0 E% {6 B. k7 F inspect skinny1 z9 l K) q8 h q
inspect esmtp) D' j+ F- v- G* A
inspect sqlnet
^' _" c0 F- S% d& ^ inspect sunrpc0 S4 A/ @( }2 L# b: ~. ~2 w
inspect tftp) {; }- n0 L7 D/ y6 R e
inspect sip f- q; l1 x& w& B! V9 T% P; y( A
inspect xdmcp8 ~0 i7 j) q' i" ]1 d- ~
!& X0 H# `$ S! b' ?7 @
service-policy global_policy global
( F! ~6 J% [- mprompt hostname context( Q9 u, ^7 a! _/ L3 ]- I4 `
Cryptochecksum:2ad8e999c3e0ab9d081619e445622808+ v3 J/ I9 q6 X+ q8 T3 t, X0 p
: end
1 f2 w. t. g" Y* o/ y/ g6 kpixfirewall# |
|
所有IT类厂商认证考试题库下载
【新盟教育】2023最新华为HCIA全套视频合集【网工基础全覆盖】---国sir公开课合集
【新盟教育】网工小白必看的!2023最新版华为认证HCIA Datacom零基础全套实战课
原创_超融合自动化运维工具cvTools
重量级~~30多套JAVA就业班全套 视频教程(请尽快下载,链接失效后不补)
链接已失效【超过几百G】EVE 国内和国外镜像 全有了 百度群分享
某linux大佬,积累多年的电子书(约300本)
乾颐堂现任明教教主Python完整版
乾颐堂 教主技术进化论 2018-2019年 最新31-50期合集视频(各种最新技术杂谈视频)
Python学习视频 0起点视频 入门到项目实战篇 Python3.5.2视频教程 共847集 能学102天
约21套Python视频合集 核心基础视频教程(共310G,已压缩)
最新20180811录制 IT爱好者-清风羽毛 - 网络安全IPSec VPN实验指南视频教程
最新20180807录制EVE开机自启动虚拟路由器并桥接物理网卡充当思科路由器
[复制链接]
