ASA5510 (V8.4) PPPOE 拨号上网
设置Internet 接口:
interface Ethernet0/0 nameif outside security-level 0 pppoe client vpdn group adsl -------------设置ADSL协议 ip address pppoe setroute -------------由ISP之间下发默认路由
配置Lan接口: interface Ethernet0/1 nameif inside security-level 100 ip address 192.168.10.1 255.255.255.0
设置PPPOE 拨号:
vpdn group adsl request dialout pppoe
ADSL 用户名,由ISP提供:
vpdn group adsl localname ad67338760 -------------- ad67338760 用户名
ADSL 用户名、密码,由ISP提供:
vpdn username ad67338760 password cisco store-local --------cisco 密码、ad67338760 用户名
ADSL协议设置:
vpdn group adsl ppp authentication pap
上网设置:
object network obj_any subnet 0.0.0.0 0.0.0.0 nat (inside,outside) dynamic interface
或者
object network obj_any subnet 192.168.10.0 255.255.255.0 nat (inside,outside) dynamic interface
开放ICMP列表:
access-list outside_in extended permit icmp any any
access-group outside_in in interface outside
远程管理SSH:
V8.4
username schh password cisco ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5
V8.3
username schh password cisco aaa authentication ssh console LOCAL ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5
修改密码:
enable password cisco
VTY Password
passwd cisco
查看接口获得的IP:
ciscoasa# show int ip brief Interface IP-Address OK? Method Status Protocol Ethernet0/0 116.231.210.32 YES CONFIG up up Ethernet0/1 192.168.10.1 YES CONFIG up up Ethernet0/2 unassigned YES unset administratively down down Ethernet0/3 unassigned YES unset administratively down down
以下链接是各种8.4 NAT设置方式
ASA8.4 NAT
